Weaknesses

A Weakness is a weakness or business-related breakdown that can affect projects under certain conditions. SD Elements tracks an official set of Weaknesses and their conditions, and additional Weaknesses can be managed as well.

The official Weaknesses are read-only.

Weakness details

  • Title: The title of the Weakness.

  • Risk rating: The risk score of the Weakness, which is analogous to the priority of a Countermeasure.

  • Text: A text description of the Weakness. A brief description of the impact of a Weakness not being addressed or mitigated.

    This field uses Markdown for rich text formatting.

  • Common Weakness Enumeration Identifier: An optional list of Common Weakness Enumeration (CWE) identifiers that track common software weaknesses.

  • Rules: The section titled Applicable to a Project when the following rules are met shows the rules for the Weakness. A Weakness always appears in a project if there are no rules.

Create a custom Weakness

To edit a custom Weakness follow the steps below.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Click Add Weakness on the top right. A dialog will appear.

  3. Fill in the required fields.

    image

  4. Click Add Weakness.

The Weakness is added to the system: custom or orginal Countermeasures can be associated with the new Weakness.

Delete a custom Weakness

Delete a custom Weakness by first moving all assigned Countermeasures to an existing Weakness. To delete a custom Weakness follow the steps below.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu opton Library → Weaknesses.

  2. Search for the Weakness and select it.

  3. Click Delete Weakness.

  4. Select an existing Weakness to move any affected Countermeasures.

    image

  5. Click Delete Weakness.

The Weakness is removed from the system. All affected Countermeasures are assigned to the selected Weakness.

View a Weakness in read-only mode

Examine a read-only version of a library Weakness by following the steps below.

Prerequisites:

  • The user has the permission Global Roles → User Management → Modify own user settings.

  • The user does not have the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Click the magnifying glass icon on the left side of the page.

  3. Search for specific Weaknesses by name, or filter by CWE. You can also search by type:

    • Custom & Original All Weaknesses.

    • Custom All custom Weaknesses.

    • Original All original Weaknesses.

Weaknesss matching the filter are displayed in the list view. A Weakness you select is presented in full detail, but you cannot modify it in this view.

Edit a Library Weakness

Make custom changes to the title, risk rating, or text of an existing Library Weakness.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Select the Weakness that you want to customize.

  3. Edit any of the following fields:

    1. Title

    2. Risk rating

    3. Text

  4. Click Save Weakness.

The custom Library ProbWeaknesslem is saved with its new details and now appears as Modified in the Library.

Revert changes to a Library Weakness

Return any modified fields of a Weakness back to their original content.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Select the modified Weakness containing content that you want to revert.

  3. Select the Revert checkbox for any of the following fields:

    1. Title

    2. Risk Rating

    3. Text

  4. Click Save Weakness.

The modified fields of the Weakness that you selected are reverted back to their default details.

Custom rules

In addition to creating your own Library Weaknesses with optional rules, you can do the following with built-in SD Elements Weaknesses:

  • Create custom rules

  • Edit existing rules

  • Delete one or more rules

  • Revert all rule changes and additions

Create a custom rule

To create a custom rule for a built-in Weakness, follow the steps below.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Select the Weakness that you decided should have a new rule.

  3. Click Add Another Rule at the bottom of the Applicable to a Project when section.

    image

  4. Select one or more match conditions for the rule.

    image

  5. Click Save Rule.

  6. Click Save Weakness at the bottom right of the Edit Weakness page.

Edit a rule

To edit a rule for a built-in Weakness, follow the steps below.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Select the Weakness that has a rule you decided needs editing.

  3. Click Edit at the bottom of the rule you want to edit.

  4. Select or deselect match conditions until the rule is satisfactory.

    image

  5. Click Save Rule.

  6. Click Save Weakness at the bottom right of the Edit Weakness page.

Delete a rule

To delete a rule from a built-in Weakness, follow the steps below.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Select the Weakness that has a rule you don’t need.

  3. Click Delete at the bottom of the unwanted rule.

  4. Click Save Weakness.

Revert changes made to a custom rule

To revert all changes made to rules for a built-in Weakness, follow the steps below.

Prerequisites:

  • The user has the permission Global Roles → Customization → Customize content.

Steps:

  1. Select the menu option Library → Weaknesses.

  2. Select the Weakness that has rule changes you want to revert.

    A green asterisk beside the Applicable to a Project when section heading indicates that the Weakness contains at least one modified rule.
    image

  3. Select the Revert checkbox located above the list of current rules.

  4. Click Save Weakness. A confirmation dialog will appear.

  5. Select the warning’s checkbox to verify that you want to revert all content.

  6. Click Confirm.

All rules for the Weakness revert to their original content.

results matching ""

    No results matching ""