SoftIron Authorized as CVE Numbering Authority
Accelerating in cyber security domain
This is a Press Release edited by StorageNewsletter.com on September 28, 2023 at 2:01 pmSoftIron Ltd has been authorized by the Common Vulnerability and Exposures (CVE) Program as a CVE Numbering Authority (CNA).
The CVE (Common Vulnerabilities and Exposures) Program seeks to provide a common framework to identify, define, and catalog publicly disclosed cyber security vulnerabilities. As each vulnerability is detected, reported, and assessed, a CVE record is created, and a CVE ID is assigned. This ensures information technology and cybersecurity professionals can quickly identify and coordinate efforts to prioritize and address vulnerabilities and protect systems vs. attack, resulting in significant time and cost savings.
“We’ve long been advocates of transparency as a key tenet of good security practice, whether within our own platforms where we allow complete audit of our code by our customers, or in identifying and remediating CVEs wherever we find them,” Kenny Van Alstyne, CTO. “We’re excited to take this next step in our progression as a good steward of the broader software ecosystem.”
The CVE program is an international, community-based program and is operated on a voluntary basis by participating organizations. SoftIron joins authorized commercial entities such as VMWare, Dell, HP and AMD as a CNA.
About the CVE Program
The mission of the program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
The CVE Program is sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), of the US Department of Homeland Security (DHS) in collaboration with international industry, academic, and government stakeholders.
Subscribe to our free daily newsletter
