Technopedia: Software Security
This section provides Technopedia: Software Security field descriptions for the following:
Field |
Description |
SW Category |
Software category (first level of taxonomy) |
SW Subcategory |
Software subcategory (second level of taxonomy) |
SW Vendor Category |
Product category per vendor |
SW Manufacturer |
Software manufacturer name |
SW Manufacturer ID |
Software manufacturer identification number |
SW Family |
Brand/family the software product belongs to, if applicable |
SW Name |
Name of the software product |
SW Name ID |
Software name identification number |
SW Component |
Component of the software product, if applicable |
SW Market Version |
Software market version (version group) |
SW Market Version ID |
Software market version identification number |
SW Version |
Software version number/name associated with the release |
SW Version ID |
Software verion identification number |
SW Service Pack |
Software patch, update, or service pack level, if applicable |
SW Edition |
Software product edition name |
SW Edition ID |
Software edition identification number |
SW Is Licensable? |
Indicates whether the software release is licensable or not |
SW Is Suite? |
Indicates whether the software product is a suite |
SW Suite |
Software suite |
SW Is Suite Component? |
Indicates whether the software product is a component of a suite |
SW Suite Component |
Software suite component |
SW Cloud or On-Premise? |
Identifies whether the product is 'Cloud Only', 'On-Premise-Only', or 'Cloud and On-Premise' |
SW On-premise equivalent |
Equivalent on-premise product for cloud product |
SW Cloud equivalent |
Equivalent cloud product for on-premise product |
Software Lifecycle (Calculated)
Field |
Description |
SW Is Supported? (calc.) |
BDNA guideline to customers, as to the support status for a product |
SW Supported Reason (calc.) |
Reason determining the product support status. I.e. published date, calculated date, version sequence |
SW EOL Year (calc.) |
Calculated software version end-of-life date. Calculated year is based on Technopedia software product published dates |
SW EOL Quarter (calc.) |
Calculated software version end-of-life date. Calculated quarter-in-year is based on Technopedia software product published dates |
SW EOL Month (calc.) |
Calculated software version end-of-life date. Calculated month-in-year is based on Technopedia software product published dates |
SW EOL Date (calc.) |
Calculated software version end-of-life date. Calculated date is based on Technopedia software product published dates |
SW Desupported? (calc.) |
A flag that indicates whether the version has been discontinued/desupported |
SW Version Order (calc.) |
Number that indicates the sequential order by which this particular version was released during the history of the product |
SW Max Versions (calc.) |
The highest version order of all the versions that were released during the history of the product |
SW Versions (calc.) |
Number of versions between the particular version and the highest version of the product |
Field |
Description |
SW CPE Definition |
The title/name of the software product for which the CPE URI is assigned. This refers to 'ns1:title’ column in CPE Dictionary (which is published by the U.S. National Institute for Standards and Technology, NIST) |
SW CPE Part |
Part component of CPE URI |
SW CPE Vendor |
Vendor component of CPE URI |
SW CPE Product |
Product component of CPE URI |
SW CPE Edition |
Edition component of CPE URI |
SW CPE URI |
The generic syntax for Uniform Resource Identifiers (URI) for Common Platform Enumeration (CPE), which includes a formal name format, a method for checking names against a system, and a description format for binding |
SW CPE Max CVSS Score |
Maximum Common Vulnerability Scoring System (CVSS) value amongst all CVE entries that are associated with this CPE |
SW CPE Max CVSS Severity |
Maximum Common Vulnerability Scoring System (CVSS) Severity amongst all CVE entries that are associated with this CPE |
Common Vulnerabilities and Exposures
Field |
Description |
SW CVE CVSS Score |
Common Vulnerability Scoring System (CVSS), an open framework for communicating the characteristics and impacts of IT vulnerabilities which is adopted in The National Vulnerability Database (NVD) |
SW CVE CVSS Severity |
The order of severity based on CVSS score: High (CVSS score of 7.0 - 10.0), Medium (CVSS score of 4.0 - 6.9), Low (CVSS score of 0.0 - 3.9) |
Field |
Description |
PRI Is Private? |
Indicates whether the data being analyzed is private or not |
PRI Type |
Indicates the type of private data, options are: Proprietary item or Modified item |
PRI Table |
Name of the table that has private data. |
PRI Attribute |
Name of the attribute that has been edited. |
Field |
Description |
SW Product Count |
Software Product Count |
SW Version Count |
Software Version Count |
SW Edition Count |
Software Edition Count |
SW Release Count |
Software Release Count |
SW CVE Instance Count |
Count of Software CVE Vulnerability (product level) |
SW Max CVSS Score |
Maximum CVSS Vulnerability Score of the associated CPE_URI. Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and impacts of IT vulnerabilities which is adopted in The National Vulnerability Database (NVD) |