Technopedia: Software Security
This section provides Technopedia: Software Security field descriptions for the following:
|
Field |
Description |
|
SW Category |
Software category (first level of taxonomy) |
|
SW Subcategory |
Software subcategory (second level of taxonomy) |
|
SW Vendor Category |
Product category per vendor |
|
SW Manufacturer |
Software manufacturer name |
|
SW Manufacturer ID |
Software manufacturer identification number |
|
SW Family |
Brand/family the software product belongs to, if applicable |
|
SW Name |
Name of the software product |
|
SW Name ID |
Software name identification number |
|
SW Component |
Component of the software product, if applicable |
|
SW Market Version |
Software market version (version group) |
|
SW Market Version ID |
Software market version identification number |
|
SW Version |
Software version number/name associated with the release |
|
SW Version ID |
Software verion identification number |
|
SW Service Pack |
Software patch, update, or service pack level, if applicable |
|
SW Edition |
Software product edition name |
|
SW Edition ID |
Software edition identification number |
|
SW Is Licensable? |
Indicates whether the software release is licensable or not |
|
SW Is Suite? |
Indicates whether the software product is a suite |
|
SW Suite |
Software suite |
|
SW Is Suite Component? |
Indicates whether the software product is a component of a suite |
|
SW Suite Component |
Software suite component |
|
SW Cloud or On-Premise? |
Identifies whether the product is 'Cloud Only', 'On-Premise-Only', or 'Cloud and On-Premise' |
|
SW On-premise equivalent |
Equivalent on-premise product for cloud product |
|
SW Cloud equivalent |
Equivalent cloud product for on-premise product |
Software Lifecycle (Calculated)
|
Field |
Description |
|
SW Is Supported? (calc.) |
BDNA guideline to customers, as to the support status for a product |
|
SW Supported Reason (calc.) |
Reason determining the product support status. I.e. published date, calculated date, version sequence |
|
SW EOL Year (calc.) |
Calculated software version end-of-life date. Calculated year is based on Technopedia software product published dates |
|
SW EOL Quarter (calc.) |
Calculated software version end-of-life date. Calculated quarter-in-year is based on Technopedia software product published dates |
|
SW EOL Month (calc.) |
Calculated software version end-of-life date. Calculated month-in-year is based on Technopedia software product published dates |
|
SW EOL Date (calc.) |
Calculated software version end-of-life date. Calculated date is based on Technopedia software product published dates |
|
SW Desupported? (calc.) |
A flag that indicates whether the version has been discontinued/desupported |
|
SW Version Order (calc.) |
Number that indicates the sequential order by which this particular version was released during the history of the product |
|
SW Max Versions (calc.) |
The highest version order of all the versions that were released during the history of the product |
|
SW Versions (calc.) |
Number of versions between the particular version and the highest version of the product |
|
Field |
Description |
|
SW CPE Definition |
The title/name of the software product for which the CPE URI is assigned. This refers to 'ns1:title’ column in CPE Dictionary (which is published by the U.S. National Institute for Standards and Technology, NIST) |
|
SW CPE Part |
Part component of CPE URI |
|
SW CPE Vendor |
Vendor component of CPE URI |
|
SW CPE Product |
Product component of CPE URI |
|
SW CPE Edition |
Edition component of CPE URI |
|
SW CPE URI |
The generic syntax for Uniform Resource Identifiers (URI) for Common Platform Enumeration (CPE), which includes a formal name format, a method for checking names against a system, and a description format for binding |
|
SW CPE Max CVSS Score |
Maximum Common Vulnerability Scoring System (CVSS) value amongst all CVE entries that are associated with this CPE |
|
SW CPE Max CVSS Severity |
Maximum Common Vulnerability Scoring System (CVSS) Severity amongst all CVE entries that are associated with this CPE |
Common Vulnerabilities and Exposures
|
Field |
Description |
|
SW CVE CVSS Score |
Common Vulnerability Scoring System (CVSS), an open framework for communicating the characteristics and impacts of IT vulnerabilities which is adopted in The National Vulnerability Database (NVD) |
|
SW CVE CVSS Severity |
The order of severity based on CVSS score: High (CVSS score of 7.0 - 10.0), Medium (CVSS score of 4.0 - 6.9), Low (CVSS score of 0.0 - 3.9) |
|
Field |
Description |
|
PRI Is Private? |
Indicates whether the data being analyzed is private or not |
|
PRI Type |
Indicates the type of private data, options are: Proprietary item or Modified item |
|
PRI Table |
Name of the table that has private data. |
|
PRI Attribute |
Name of the attribute that has been edited. |
|
Field |
Description |
|
SW Product Count |
Software Product Count |
|
SW Version Count |
Software Version Count |
|
SW Edition Count |
Software Edition Count |
|
SW Release Count |
Software Release Count |
|
SW CVE Instance Count |
Count of Software CVE Vulnerability (product level) |
|
SW Max CVSS Score |
Maximum CVSS Vulnerability Score of the associated CPE_URI. Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and impacts of IT vulnerabilities which is adopted in The National Vulnerability Database (NVD) |