To modularize and simplify the use and representation of security software bugs, there are software bug categories: in other words, a software bug knowledge base in which each entry contains the abstract details of a single bug, such as Log Forging or XML Entity Expansion Injection.
Every software bug in NormShield has a software bug category. More than one software bug may have the same software bug category. The figure shows the listing of software bug categories, reached by clicking the submenu Vulnerability->Software Bug Categories.
As controls are imported (manually, for now), software bug categories that did not exist before are created in NormShield.
The software bug categories can be filtered mainly by scanner source, root causes and severities.