Shannon Sabens of CrowdStrike and Tod Beardsley of Rapid7, both of whom are CVE Board members and CVE Working Group chairs, chat about the CVE Program from their insider’s perspectives.
Topics include the value of a federated program of CVE Numbering Authorities (CNAs) from around the world for increased assignment of CVE Records; the upside and minimal requirements to becoming a CNA; the types of organizations that are CNAs; how CNAs are a community with a mentoring program; how CNAs assigning CVE Identifiers (CVE IDs) benefits the global IT community; CVE versus NVD; how CNAs impact the program by participating in CVE Working Groups, be it for one-off or longer-term contributions; and how the CVE Program is about people working to improve cybersecurity for all.
Tod also writes about many of these topics in his article, An Inside Look at What Makes the CVE Program Tick, on SCMagazine.