Working in collaboration with the Common Vulnerabilities and Exposures (CVE®) Program, ESET, a global leader in the cybersecurity market, has been authorized by the CVE Program as a CVE Numbering Authority (CNA).
Organizations designated as CNAs are responsible for assigning CVE IDs to identified vulnerabilities and for creating and publishing information related to a given vulnerability in the corresponding CVE record.
The status enables ESET to release CVE Records, including the CVE ID, descriptor and references regarding both vulnerabilities detected in its own products and those identified by ESET researchers in third-party products not covered by other CNAs. As a CNA, ESET can better fulfill its role as a leader in cybersecurity technology innovation and product research and development, promoting high security standards in the broader IT ecosystem.
“Commitment to the international program, driven by the community Common Vulnerabilities and Exposures (CVE®) brings us closer to our goal of supporting ongoing collaboration with the broader cybersecurity industry, as well as academic, corporate and government stakeholders. At the same time, it enables our internal security and R&D teams to more efficiently and consistently address cybersecurity weaknesses, wherever they may be, and to remain proactive in combating vulnerabilities and threats,” he says Daniel Chromek, Chief Information Security Officer di ESET.
ESET passionately supports the coordinated vulnerability disclosure process and publicly credit whistleblowers for their efforts (if they do not wish to remain anonymous). Those interested in researching possible vulnerabilities or other security issues in ESET products or websites can find more information about the partnership with HackTrophy, or to this link.
