Dissecting application security XML schemas

Recent activities in applications security research and industry have inspired companies and researchers to create a standard way of defining and describing vulnerabilities, expressing different application needs with respect to various aspects of vulnerabilities, making vulnerability descriptions accessible to disparate computer systems. This article describes the state of the art today and possible directions in the future. It summarizes industry efforts and focuses on application security related XML schemas being developed within OASIS.