Sophos Named Common Vulnerability and Exposure Numbering Authority Sophos
Sophos has been named a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) in the CVE program. CVE is a recognized international standard for identifying and naming cybersecurity vulnerabilities. With this status, Sophos is authorized to assign CVE identification to unique vulnerabilities within the scope of its products. Security researchers can now work directly with Sophos to open CVEs for the company’s products, making the process of reporting issues and assigning CVEs more straightforward.
The CVE program is an international, community-based effort that maintains a community-driven, open data registry of vulnerabilities. The program catalogs CVEs in a publicly available registry that is available to security researchers, vulnerability disclosers and information technology vendors. Using a common identifier makes it easier to share and cross-check data across the industry
The CVE programme is an international, community-based effort that maintains a community-driven, open data registry of vulnerabilities. The programme catalogues CVEs in a publicly available registry that is available to security researchers, vulnerability discloses, and information technology vendors. Using a common identifier makes it easier to share and cross-check data across the industry’s several and separate security databases and tools that track vulnerabilities.
“Sophos’ new status as a CNA is another example of our commitment to being transparent, and by having the ability to assign CVEs, we can provide the industry with pertinent information about our products faster. This allows organizations to more quickly assess security issues, determine the scale of urgency, and prioritize updates,” said Ross McKerchar, Vice President and Chief Information Security Officer (CISO) at Sophos. “Sophos’ CVEs will also get entered into the multiple CVE-compatible databases wit
Press release content from Globe Newswire. The AP news staff was not involved in its creation.
Sophos Named Common Vulnerability and Exposure Numbering Authority
Sophos Ltd.January 13, 2021 GMT
OXFORD, United Kingdom, Jan. 13, 2021 (GLOBE NEWSWIRE) Sophos, a global leader in next-generation cybersecurity, today announced that it has been named a Common Vulnerabilities and Exposures (CVE) Numbering Authority(CNA) in the CVEprogram, a recognized international standard for identifying and naming cybersecurity vulnerabilities. With this status, Sophos is authorized to assign CVE identification to unique vulnerabilities within the scope of its products. Security researchers can now work directly with Sophos to open CVEs for the company’s products, making the process of reporting issues and assigning CVEs more straightforward.