- 2.1 Given a scenario, perform passive reconnaissance.
OSINT is a multi-factor (qualitative, quantitative) methodology for collecting, analyzing and making decisions about data accessible in publicly available sources to be used in an intelligence context.
-
- Common weakness enumeration (CWE): Community-developed list of software and hardware weakness types and mitigations for implementing good secure coding practices and software design. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts. The CWE security weaknesses are broken uo into three categories:
- Research concepts: Intended for academic research
- Development concepts: Weaknesses encountered during software development.
- Architectural concepts: Weaknesses encountered during software engineering.
- Common vulnerabilities and exposures (CVE): The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.
- Common weakness enumeration (CWE): Community-developed list of software and hardware weakness types and mitigations for implementing good secure coding practices and software design. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts. The CWE security weaknesses are broken uo into three categories: