Earning Criteria

• Must be an employee of IBM, assigned to a PSIRT role
• Demonstrate an understanding of the OWASP Top 10 Web Application Security Risks, which represents a broad industry consensus of the most critical security risks to web applications.
• Understand what CVEs are and the process for issuing them. Common Vulnerabilities and Exposures (CVE®) is a list of common identifiers for publicly known cybersecurity vulnerabilities. Use of CVE Entries, which are assigned by CVE Numbering Authorities (CNAs) from around the world, ensures confidence among parties when used to discuss or share information about a unique software or firmware vulnerability, provides a baseline for tool evaluation, and enables automated data exchange.
• Demonstrate knowledge of the Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors (CWE Top 25) is a demonstrative list of the most widespread and critical weaknesses that can lead to serious vulnerabilities in software. These weaknesses are often easy to find and exploit. They are dangerous because they will frequently allow adversaries to completely take over execution of software, steal data, or prevent the software from working.
• Complete the learning plan and pass the quiz to earn the badge