The Common Vulnerabilities and Exposures (CVE) system provides a benchmark method for publicly known information security vulnerabilities and exposures. The US National Cybersecurity FFRDC maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security. The system was officially released to the public in September 1999.
Reliable and accurate!
A CVE provides useful information regarding a security breach, including the discovery date of the vulnerability, as well as the degree of severity (danger), it presents to the system; and references to solutions or manufacturer advice for resolving the issue.
CVEs are the primary source of reference for the information security team to keep their systems secure and stable. Because the quality and accuracy of the information contained in the CVEs, ensures that the security team has the confidence to apply the necessary patches to resolve issues rapidly.
Conclusion
Companies that keep their systems secure use the information contained in the CVEs to assist in the remediation of vulnerabilities in their systems. Periodic use of vulnerability scanning tools is a mandatory measure for companies that adopt a proactive posture in relation to the security of their connected environments.
Comments