
Exploits


CWE - 2010 CWE/SANS Top 25 Most Dangerous Programming Errors.

Summary Discussion

Salt might not be good for your diet, but it can be good for your password security. Instead of storing passwords in plain text, a common practice is to apply a one-way hash, which effectively randomizes the output and can make it more difficult if (or when?) attackers gain access to your password database.

Prevention and Mitigations Related CWEs Related Attack Patterns

CAPEC-IDs: 16, 20, 49, 55, 97

Monster Mitigations

These mitigations will be effective in eliminating or reducing the severity of the Top 25. A Monster Mitigation Matrix is also available to show how these mitigations apply to weaknesses in the Top 25. See the Monster Mitigation Matrix that maps these mitigations to Top 25 weaknesses.

Appendix A: Selection Criteria and Supporting Fields

Entries on the 2011 Top 25 were selected using three primary criteria: weakness prevalence, importance, and likelihood of exploit.

Prevalence Acceptable ratings were: Importance Ratings for Importance were: Additional Fields.

Aircrack Main Page. The aircrack project.

The Metasploit project.

Security Research and Cyber Threats Monitoring 24/7.