Parasoft Announces Support for New 2019 CWE Guidelines

December 03, 2019


Parasoft, an automated software testing company, announced support for the updated 2019 Common Weakness Enumeration (CWE) Top 25 and "On the Cusp".

Parasoft, an automated software testing company, announced support for the updated 2019 Common Weakness Enumeration (CWE) Top 25 and "On the Cusp" (an additional 15 weaknesses) for C, C++, Java, and .NET languages, in a press release. With the latest releases of its software testing products Parasoft Jtest, Parasoft dotTEST, and Parasoft C/C++test, the company is the only vendor to cover all of these critical security guidelines, enabling organizations to achieve continuous security and compliance to prevent the most dangerous of software errors, per the release.

The CWE is a list of over 800 programming errors, design errors, and architectural errors that can lead to exploitable vulnerabilities. Previously updated in 2011, the 2019 CWE Top 25 Most Dangerous Software Errors is a targeted list of the most widespread and critical errors that can be exploited to create the most serious security consequences in software. Since its release, the Top 25 list has been a widely adopted security standard throughout a variety of industries, along with the CWE's somewhat lesser-known "On the Cusp" list.

For teams working with IoT or medical devices, both the Top 25 and "On the Cusp" are also an integral part of UL 2900 (Software Cybersecurity for Network-Connectable Products) compliance, recognized by the FDA for network-connected medical device cybersecurity.

"The additional information provided in the 2019 update will help organizations objectively understand which items are likely to cause the most harm, making the 2019 CWE Top 25 and 'On the Cusp' more effective for cybersecurity," said Parasoft security expert Arthur Hicken.

Parasoft provides full support for CWE, with its latest releases supporting the new generation of the 2019 CWE Top 25. The testing company’s CWE Compliance Packs provide pre-configured, out-of-the-box, and fully customizable test configurations and reporting.

For more information, visit

Perry Cohen, associate editor for Embedded Computing Design, is responsible for web content editing and creation in addition to podcast production. He also assists with the publication?s social media efforts which include strategic posting, follower engagement, and social media analysis. Before joining the ECD editorial team, Perry has been published on both local and national news platforms including (Phoenix), (Phoenix),, Cronkite News, and MLB/MiLB among others. Perry received a BA in Journalism from the Walter Cronkite School of Journalism and Mass Communications at Arizona State university. He can be reached by email at [email protected]. Follow Perry?s work and ECD content on his twitter account @pcohen21.

More from Perry