We Speak CVE
A free podcast about cybersecurity, vulnerability management, and the CVE Program.
We Speak CVE
(ARCHIVED) - Managing Modernization and Automation Changes in the CVE Program
****IMPORTANT NOTE: The content of this episode is out of date. It has been removed from public access to avoid causing confusion for listeners.***
Episode 7 – Kelly Todd of the CVE Program speaks with Lisa Olson of Microsoft about managing the modernization and automation changes currently underway in the CVE Program. Topics include the efforts of the newly formed CVE Transition Working Group (Lisa, a CVE Board member, is co-chair); automation of CVE ID assignment and CVE Record publishing for CVE Numbering Authorities (CNAs), including the availability of free APIs and other improvements on the way; the upcoming new version release of JSON for the CVE Record format to enhance the data associated with a record; the upcoming availability of program metrics for the CVE community, as well as customized dashboards for use by CNAs; the upcoming launch of a new and more modern CVE website using a new url, cve.org; among other program improvements. In addition, Lisa discusses the benefits of partnering with the CVE Program as a CNA and of being a member of the global CNA community.
CVE® - https://cve.mitre.org/
Microsoft - https://www.microsoft.com/
MSRC - https://microsoft.com/msrc
CVE Working Groups - https://cve.mitre.org/working_groups.html
How to become a CNA - https://cve.mitre.org/cve/cna.html#become_a_cna