The MITRE ATT&CK CWE CDF for ThreatQuotient enables the automatic ingestion of MITRE’s Common Weakness Enumerations (CWE) into ThreatQ as Vulnerabilities.

MITRE’s Common Weakness Enumeration is a standardized list of software and hardware weaknesses that can be exploited by attackers. It’s essentially a dictionary of common flaws categorized in a way that helps developers, security professionals, and other stakeholders discuss, identify, and prevent these weaknesses.

The integration provides the following feed:

• MITRE ATT&CK CWE - ingests MITRE CWEs as vulnerabilities as well as any related CVEs. 

The integration ingests indicator and vulnerability type objects.