CWE Mapping
This page provide a listing of all supported CWE identifiers, and walks users through the steps of locating and filtering vulnerabilities by CWE Identifier.
A complete listing of the CWE identifiers supported by ThreadFix v1.2 (and the current set of integrated scanners) can be found by viewing [CWE 2.5] (http://cwe.mitre.org/data/index.html). ThreadFix allows for manual entry of vulnerabilities, allowing for complete coverage/support of all CWE identifiers found in [CWE 2.5] (http://cwe.mitre.org/data/index.html).
Step 3: Click on the CWE Entry URL to navigate to the to the associated CWE identifier on MITRE’s website.
Filtering vulnerability data is a feature of ThreadFix. Users can filter many criteria including CWE identifier.
Supported Threadfix [Dynamic Scanners] (https://github.com/denimgroup/threadfix/wiki/Dynamic-Scanners), [Static Scanners] (https://github.com/denimgroup/threadfix/wiki/Static-Scanners), [Remote Providers] (https://github.com/denimgroup/threadfix/wiki/Remote-Providers)
Supported Threadfix [Software Defect Trackers] (https://github.com/denimgroup/threadfix/wiki/Software-Defect-Trackers)
Supported Threadfix [WAF Types] (https://github.com/denimgroup/threadfix/wiki/WAF-Types)
ThreadFix Plugins: Zap Plugin, [Burp Plugin] (Burp-Plugin), [Eclipse IDE Plugin] (Eclipse-IDE-Plugin), [IntelliJ IDEA Plugin] (IntelliJ-IDEA-Plugin)
Threadfix [Vulnerability Merging] (https://github.com/denimgroup/threadfix/wiki/Vulnerability-Merging)
Threadfix [Vulnerability Format] (https://github.com/denimgroup/threadfix/wiki/Vulnerability-Format)