Working in concert with Common Vulnerabilities and Exposures (CVE) Programme, ESET, a Europe-based endpoint protection platform vendor, has announced it is authorised by the CVE Program as a CVE Numbering Authority (CNA).
Organisations designated as CNAs are responsible for the assignment of CVE IDs to vulnerabilities and for creating and publishing information about the vulnerability in the associated CVE record.
The status means that ESET will be able to publish CVE records, including the CVE ID, descriptor and references concerning vulnerabilities discovered in its own products and those discovered by ESET researchers in third-party products not covered by other CNAs. In addition, as a CNA, ESET can better fulfil its leadership role in innovating security technologies and product, research and development (R&D), and promoting high security standards in the broader IT ecosystem
“Engaging in the international, community-driven Common Vulnerabilities and Exposures (CVE) Program brings us closer to our goal of supporting ongoing collaboration with the wider cybersecurity sector, as well as academic, business, and government stakeholders. Simultaneously, it allows our internal security and R&D teams to more efficiently and consistently address security weaknesses wherever they may be and to remain proactive in fighting vulnerabilities and threats,” said Daniel Chromek, Chief Information Security Officer, ESET.