The Common Vulnerabilities and Exposures (CVE) program is the global standard for identifying and naming software vulnerabilities. Established in 1999, CVE assigns unique IDs to known cybersecurity flaws through a network of trusted organizations known as CVE Numbering Authorities (CNAs). CVE data serves as the backbone for global cyber defense collaboration. Sustained investment, transparency, and shared responsibility are essential to ensuring the continuity of this critical program and preventing fragmentation of the global vulnerability landscape.
Read Next
Protecting Good-Faith Security Research: Building Legal Certainty Through NIS 2
Protect critical infrastructure or protect yourself. That is the untenable choice good-faith security researchers face. In much of Europe and beyond, laws still fail to clearly distinguish legitimate security research from malicious hacking.
Not All Mitigations Are Created Equal: What We are Learning from AI Vulnerability Discovery
Much has been reported on the potential looming “vulnpocolypse” but in the meantime we should be focusing on the areas where immediate resources are needed.
S3 EP01: Digital Sovereignty, CSA 2.0, and PQC with MEP Bart Groothuis
In our latest Distilling Cyber Policy podcast, hosts Alex Botting and Jen Ellis kick off the season with a wide-ranging conversation on some of the biggest issues shaping cyber policy.
