BF Security Rules CWE API
Irena Bojanova, Inventor/Creator, PI & Lead, NIST Bugs Framework (BF), 2014 – ~~~ #

//Exclusive Rights Only//

The BF Security Rules CWE API generates datasets of BF Security Rules by CWE where applicable.

• BF BF Security Rules by CWE → Key required:

  https://samate.nist.gov/services/BF/BFSecurityRules.xml/CWE?key=YOUR_KEY
  https://samate.nist.gov/services/BF/BFSecurityRules.json/CWE?key=YOUR_KEY

  Note: ID="-1" if no CWE corresponds to that BF Wwakness Triple.

• Programatically → Key required:
  

  C#
  

  HttpClient client = new HttpClient() { BaseAddress = new Uri("https://samate.nist.gov/services/BF") };
  
  //replace YOUR_USER_NAME and YOUR_KEY
  client.DefaultRequestHeaders.Add("user", YOUR_USER_NAME);
  client.DefaultRequestHeaders.Add("key", YOUR_KEY);
  
  //result in XML
  var responseXML = await client.GetAsync("BFSecurityRules.xml/CWE/api");
  responseXML.EnsureSuccessStatusCode();        
  var resultXML = await responseXML.Content.ReadAsStringAsync();
  
  //result in JSON
  var responseJSON = await client.GetAsync("BFSecurityRules.json/CWE/api");       
  responseJSON.EnsureSuccessStatusCode();         
  var resulJSON = await responseJSON.Content.ReadAsStringAsync();
  

  Python

  //to be added//

BF CITATION:
Bojanova I (2024) Bugs Framework (BF): Formalizing Cybersecurity Weaknesses and Vulnerabilities. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP), NIST SP 800-231. https://doi.org/10.6028/NIST.SP.800-231