- 42
- 76 279
CVE Program
Приєднався 11 бер 2020
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
CNA Rules v4.0 Q&A Webinar
The purpose of this CVE® Program webinar was to update CVE Numbering Authority (CNA) partners about the new and improved “CVE Numbering Authority (CNA) Operational Rules, Version 4.0,” the ways the new rules might affect CNA processes in the short term, the benefits for CNAs moving forward, and the expected positive impact on the vulnerability management ecosystem.
LINKS:
CNA Rules v4.0 - www.cve.org/ResourcesSupport/AllResources/CNARules
CNAs - www.cve.org/ProgramOrganization/CNAs
CVE.ORG website - www.cve.org/
LINKS:
CNA Rules v4.0 - www.cve.org/ResourcesSupport/AllResources/CNARules
CNAs - www.cve.org/ProgramOrganization/CNAs
CVE.ORG website - www.cve.org/
Переглядів: 360
Відео
Podcast - Expected Impact of the CNA Rules 4.0
Переглядів 4053 місяці тому
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working Group (WG) chairs, about the all-new “CVE® Numbering Authority (CNA) Operational Rules Version 4.0.” Topics discussed include the new fundamental concept embedded throughout the rules called the “right of refusal”; how CVE assignment is technology neutral (i.e., cloud, artifici...
Podcast - Swimming in Vulns (or, Fun with CVE Data Analysis)
Переглядів 2754 місяці тому
Host Shannon Sabens of CrowdStrike chats with Benjamin Edwards and Sander Vinberg, both of Bitsight, about analyzing vulnerability data in the CVE List. This is a follow-on to their “CVE Is The Worst Vulnerability Framework (Except For All The Others)” talk at “CVE/FIRST VulnCon 2024.” Topics discussed include the types of vulnerabilities and vulnerability intelligence they reviewed and the dif...
Podcast - Meet the 3 New CVE Board Members
Переглядів 1975 місяців тому
In this episode - recorded live at “CVE/FIRST VulnCon 2024” - CVE Board member and podcast host Shannon Sabens of CrowdStrike speaks with the three newest CVE Board members: Madison Oliver of GitHub Security Lab, Tod Beardsley of Austin Hackers Anonymous (AHA!), and MegaZone of F5 who joins as the new CVE Numbering Authority (CNA) Liaison to the Board. Topics include how and why each new member...
Podcast - CVE Records States and Tags
Переглядів 1475 місяців тому
Host Shannon Sabens speaks with Art Manion and Kent Landfield, all three of whom are CVE Board members and CVE Working Group (WG) chairs, about CVE Records. Discussion topics include the CVE Record Lifecycle, the three “states” of CVE Record (RESERVED, PUBLISHED, and REJECTED), the current “tags” in use with CVE Records (EXCLUSIVELY-HOSTED-SERVICE; UNSUPPORTED-WHEN-ASSIGNED; and DISPUTED), the ...
Podcast - The Council of Roots
Переглядів 6227 місяців тому
Learn how CVE Numbering Authority (CNA) partners-ranging from large to small organizations, proprietary and open-source products and projects, disparate business sectors, and different geographic locations-are overseen and supported within the CVE Program by “Top-Level Roots” and “Roots.” Topics include the roles and responsibilities of the two different types of Roots; how their work benefits ...
Closing Remarks
Переглядів 609 місяців тому
“CVE Workshop Fall 2023” Presenter: Chris Levendis, CVE Program Lead, CVE Board Member, and CVE Tactical Working Group (TWG) Co-Chair More information about CVE: * CVE Program - www.cve.org
CVE Corpus Hygiene
Переглядів 489 місяців тому
“CVE Workshop Fall 2023” Presenters: Lisa Olson, CVE Board Member and CVE Tactical Working Group (TWG) Co-Chair More information about CVE: * CVE Program - www.cve.org/
Program Rules Update
Переглядів 719 місяців тому
“CVE Workshop Fall 2023” Presenter: Art Manion, CVE Board Member and Strategic Planning Working Group (SPWG) Member More information about CVE: * CVE Program - www.cve.org
CVE JSON 5.0 Guidance
Переглядів 9159 місяців тому
“CVE Workshop Fall 2023” Presenters: Chris Coffin, CVE Board Member and and Quality Working Group (QWG) Co-Chair; Chandan Nandakumaraiah, CVE Board Member and QWG Co-Chair; Dave Waltermire, CVE Board Member and QWG Co-Chair; and MegaZone, CVE Vulnerability Conference and Events Working Group (VCEWG) Co-Chair and QWG Member More information about CVE: * CVE Program - www.cve.org/ * CVE JSON 5.0 ...
CVE JSON 5.0 Experiences
Переглядів 4609 місяців тому
“CVE Workshop Fall 2023” Presenters: Lisa Olson, CVE Board Member and CVE Tactical Working Group (TWG) Co-Chair; MegaZone, CVE Vulnerability Conference and Events Working Group (VCEWG) and Quality Working Group (QWG) Member; Co-Chair; Martin Prpic, Red Hat Root and Automation Working Group (AWG) Member; and Vishal Parekh, Microsoft CNA More information about CVE: * CVE Program - www.cve.org/ * ...
CVE Services Overview
Переглядів 4129 місяців тому
“CVE Workshop Fall 2023” Presenter: Kris Britton, CVE Automation Working Group (AWG) Chair More information about CVE: * CVE Program - www.cve.org/ * CVE Services - www.cve.org/AllResources/CveServices
State of the CVE Program
Переглядів 3339 місяців тому
“CVE Workshop Fall 2023” Presenter: Chris Levendis, CVE Program Lead, CVE Board Member, and CVE Tactical Working Group (TWG) Co-Chair More information about CVE: * CVE Program - www.cve.org
Podcast - How the New CVE Record Format Will Benefit Consumers
Переглядів 54011 місяців тому
Shannon Sabens of CrowdStrike and Kent Landfield of Trellix, both of whom are CVE Board members and CVE Working Group chairs, speak about how the new CVE Record format - with its new structured data format and optional information fields - will benefit and provide enhanced value to consumers of CVE content moving forward. Specific topics discussed include how the new CVE Record format will enab...
Podcast - Becoming A CNA: Myths versus Facts
Переглядів 1 тис.Рік тому
Host Shannon Sabens of CrowdStrike chats with Julia Turkevich of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about the myths and facts of partnering with the CVE Program as a CVE Numbering Authority (CNA). Truth and facts about the following myths are discussed: Myth #1: Only a specific category of software vendors can become CNAs. Myth #2: Organizations cannot leverage the...
Podcast - Microsoft’s Journey Adopting CVE Services & CVE JSON 5.0
Переглядів 525Рік тому
Podcast - Microsoft’s Journey Adopting CVE Services & CVE JSON 5.0
Podcast - Coordinated Vulnerability Disclosure
Переглядів 519Рік тому
Podcast - Coordinated Vulnerability Disclosure
CVE Services Client Demonstration: cvelib
Переглядів 858Рік тому
CVE Services Client Demonstration: cvelib
CVE Services Client Demonstration: cveClient
Переглядів 724Рік тому
CVE Services Client Demonstration: cveClient
CVE Services Client Demonstration: Vulnogram
Переглядів 1,6 тис.Рік тому
CVE Services Client Demonstration: Vulnogram
CVE JSON 5.0: Introduction/Tips/Guidance/Q&A
Переглядів 8 тис.Рік тому
CVE JSON 5.0: Introduction/Tips/Guidance/Q&A
(ARCHIVED) Podcast - CNA Mentoring Program: Members Helping Members
Переглядів 398Рік тому
(ARCHIVED) Podcast - CNA Mentoring Program: Members Helping Members
Podcast - An Insider’s View of the CVE Program
Переглядів 763Рік тому
Podcast - An Insider’s View of the CVE Program
Podcast - The Value of Assigning CVEs
Переглядів 3 тис.2 роки тому
Podcast - The Value of Assigning CVEs
Rodriguez Brian Moore Jessica Jackson Lisa
For those who missed it, I highly recommend their VulnCon presentation: ua-cam.com/video/vaWoiWjqOjk/v-deo.htmlsi=nU-uJtsEyxmk7CjS
I truly hope that ADP will get some traction. This might be one of the major improvements of the CVE program. From my personal experience the vulnerability management community is usually not very eager to share quality improvements of existing data or to share their own data. For example the amount of external contributors of OSVDB was very low. I hope that this will change in the future.
Lovely
Only audio is available?
correct