Monday, March 28, 2011

CVE Announce - March 28, 2011 (opt-in newsletter from the CVE Web site)

Welcome to the latest edition of the CVE-Announce e-newsletter. This email
newsletter is designed to bring recent news about CVE, such as new versions,
upcoming conferences, new Web site features, etc. right to your email box.
Common Vulnerabilities and Exposures (CVE) is the standard for information
security vulnerability names. CVE content results from the collaborative
efforts of the CVE Editorial Board, which is comprised of leading
representatives from the information security community. Details on
subscribing (and unsubscribing) to the email newsletter are at the end.
Please feel free to pass this newsletter on to interested colleagues.

Comments: cve@mitre.org

-------------------------------------------------------
CVE-Announce e-newsletter/March 28, 2011
-------------------------------------------------------

Contents:

1. Feature Story
2. Upcoming Event
3. Also in this Issue
4. Details/Credits + Subscribing and Unsubscribing


FEATURE STORY:

1 Product from Application Security, Inc. Now Registered as Officially
"CVE-Compatible"

One additional information security product has achieved the final stage of
MITRE's formal CVE Compatibility Process and is now officially
"CVE-Compatible." The product is now eligible to use the CVE-Compatible
Product/Service logo, and a completed and reviewed "CVE Compatibility
Requirements Evaluation" questionnaire is posted for the product as part of
the organization's listing on the CVE-Compatible Products and Services page
on the CVE Web site. A total of 118 products to-date have been recognized as
officially compatible.

The following products are now registered as officially "CVE-Compatible":

* Application Security, Inc. - AppDetectivePro

Use of the official CVE-Compatible logo will allow system administrators and
other security professionals to look for the logo when adopting
vulnerability management products and services for their enterprises and the
compatibility process questionnaire will help end-users compare how
different products and services satisfy the CVE compatibility requirements,
and therefore which specific implementations are best for their networks and
systems.

For additional information about CVE compatibility and to review all
products and services listed, visit the CVE Compatibility Process and
CVE-Compatible Products and Services.

LINKS:

Application Security, Inc. -
http://cve.mitre.org/compatible/questionnaires/132.html

CVE Compatibility Process - http://cve.mitre.org/compatible/process.html

CVE-Compatible Products - http://cve.mitre.org/compatible/

---------------------------------------------------------------
UPCOMING EVENT:

MITRE to Host CVE/Making Security Measurable Booth at "InfoSec World 2011,"
April 19-21

MITRE will host a CVE/Making Security Measurable booth at "InfoSec World
Conference & Expo 2011" at Disney's Contemporary Resort in Orlando, Florida,
USA, on April 19-21, 2011.

Members of the CVE Team will be in attendance. Please stop by Booth 307 and
say hello!

Visit the CVE Calendar for information on this and other events.

LINKS:

InfoSec World 2011 - http://www.misti.com/infosecworld

Making Security Measurable - http://measurablesecurity.mitre.org/

CVE Calendar - http://cve.mitre.org/news/calendar.html

---------------------------------------------------------------
ALSO IN THIS ISSUE:

* CVE/Making Security Measurable Booth at "2011 Information Assurance
Symposium"

Read these stories and more news at http://cve.mitre.org/news

---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing

Managing Editor: Steve Boyle, Information Security Technical Center. Writer:
Bob Roberge. The MITRE Corporation (www.mitre.org) maintains CVE and
provides impartial technical guidance to the CVE Editorial Board on all
matters related to ongoing development of CVE.

To unsubscribe from the CVE-Announce e-newsletter, open a new email message
and copy the following text to the BODY of the message "SIGNOFF
CVE-Announce-list", then send the message to: listserv@lists.mitre.org. To
subscribe, send an email message to listserv@lists.mitre.org with the
following text in the BODY of the message: "SUBSCRIBE CVE-Announce-List".

Copyright 2011, The MITRE Corporation. CVE and the CVE logo are registered
trademarks of The MITRE Corporation.

For more information about CVE, visit the CVE Web site at
http://cve.mitre.org or send an email to cve@mitre.org. Learn more about
Making Security Measurable at http://measurablesecurity.mitre.org.

Posted by at No comments:

Wednesday, March 9, 2011

CVE Announce - March 9, 2011 (opt-in newsletter from the CVE Web site)

Welcome to the latest edition of the CVE-Announce e-newsletter. This email
newsletter is designed to bring recent news about CVE, such as new versions,
upcoming conferences, new Web site features, etc. right to your email box.
Common Vulnerabilities and Exposures (CVE) is the standard for information
security vulnerability names. CVE content results from the collaborative
efforts of the CVE Editorial Board, which is comprised of leading
representatives from the information security community. Details on
subscribing (and unsubscribing) to the email newsletter are at the end.
Please feel free to pass this newsletter on to interested colleagues.

Comments: cve@mitre.org

-------------------------------------------------------
CVE-Announce e-newsletter/March 9, 2011
-------------------------------------------------------

Contents:

1. Feature Story
2. Upcoming Event
3. Also in this Issue
4. Details/Credits + Subscribing and Unsubscribing


FEATURE STORY:

3 Products from 2 Organizations Now Registered as Officially
"CVE-Compatible"

Three additional information security products and services have achieved
the final stage of MITRE's formal CVE Compatibility Process and are now
officially "CVE-Compatible." The products and services are now eligible to
use the CVE-Compatible Product/Service logo, and a completed and reviewed
"CVE Compatibility Requirements Evaluation" questionnaire is posted for each
product as part of the organization's listing on the CVE-Compatible Products
and Services page on the CVE Web site. A total of 117 products to-date have
been recognized as officially compatible.

The following products are now registered as officially "CVE-Compatible":

* Rsam's
- Rsam Enterprise Governance, Risk and Compliance Platform

* NSFocus Information Technology (Beijing) Co., Ltd.'s
- NSFOCUS Network Intrusion Prevention System (NIPS)
- NSFOCUS Security Gate (SG)

Use of the official CVE-Compatible logo will allow system administrators and
other security professionals to look for the logo when adopting
vulnerability management products and services for their enterprises and the
compatibility process questionnaire will help end-users compare how
different products and services satisfy the CVE compatibility requirements,
and therefore which specific implementations are best for their networks and
systems.

For additional information about CVE compatibility and to review all
products and services listed, visit the CVE Compatibility Process and
CVE-Compatible Products and Services.

LINKS:

Rsam - http://www.rsam.com/

NSFocus Information Technology (Beijing) Co., Ltd. - http://www.nsfocus.com/

CVE Compatibility Process - http://cve.mitre.org/compatible/process.html

CVE-Compatible Products - http://cve.mitre.org/compatible/

---------------------------------------------------------------
UPCOMING EVENT:

Security Automation Developer Days - Spring 2011

MITRE will participate in the "Spring 2011 Security Automation Developer
Days" conference on March 22-25, 2011 held at the U.S. National Institute of
Standards and Technology (NIST) in Gaithersburg, Maryland, USA.

The conference will focus on discussing enhancements to existing Security
Content Automation Protocol (SCAP) specifications, content repository
automation and standardization, content development best practices, and
standardizing remediation capabilities. SCAP employs the CVE, CCE, CPE,
OVAL, XCCDF, and CVSS community standards to enable "automated vulnerability
management, measurement, and policy compliance evaluation."

For conference details and to register, visit:
http://www.nist.gov/itl/csd/sec-automation-developer.cfm.

---------------------------------------------------------------
ALSO IN THIS ISSUE:

* CVE/Making Security Measurable Booth at "2011 Information Assurance
Symposium"

* CVE/Making Security Measurable Booth at "RSA 2011"

Read these stories and more news at http://cve.mitre.org/news

---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing

Managing Editor: Steve Boyle, Information Security Technical Center. Writer:
Bob Roberge. The MITRE Corporation (www.mitre.org) maintains CVE and
provides impartial technical guidance to the CVE Editorial Board on all
matters related to ongoing development of CVE.

To unsubscribe from the CVE-Announce e-newsletter, open a new email message
and copy the following text to the BODY of the message "SIGNOFF
CVE-Announce-list", then send the message to: listserv@lists.mitre.org. To
subscribe, send an email message to listserv@lists.mitre.org with the
following text in the BODY of the message: "SUBSCRIBE CVE-Announce-List".

Copyright 2011, The MITRE Corporation. CVE and the CVE logo are registered
trademarks of The MITRE Corporation.

For more information about CVE, visit the CVE Web site at
http://cve.mitre.org or send an email to cve@mitre.org. Learn more about
Making Security Measurable at http://measurablesecurity.mitre.org.

Posted by at No comments:
Subscribe to: Comments (Atom)