CVE program gets last-minute funding from CISA β and maybe a new home
In a dramatic move, US officials have stepped in to ensure the continuation of the Common Vulnerabilities and Exposures (CVE) Program, providing emergency funding just before a major deadline. Initially, there were concerns over the expiry of MITRE’s contract to manage the CVE database, creating uncertainty within the cybersecurity community about the future of this critical resource.
Key Points
- The US government has renewed funding for the CVE Program on the brink of its contract expiring.
- CISA has extended its contract with MITRE to ensure continued operation of the CVE database.
- A new CVE Foundation has been announced to develop a more sustainable, community-driven model.
- The CVE program is crucial for tracking technological vulnerabilities, serving as a key resource for developers, governments, and researchers.
- Concerns remain about relying on a government contract for the CVE Program’s future.
Why should I read this?
If cybersecurity is your jam, you won’t want to miss this! The CVE Program is a big deal for anyone dealing with tech vulnerabilities. With possible shifts towards a more independent structure, itβs an exciting time to see how this will unfold and impact everyone involved in cybersecurity. We’ve done the heavy lifting, so just dive in for all the details!