Welcome to the latest edition of the CVE-Announce e-newsletter. This email
newsletter is designed to bring recent news about CVE, such as new versions,
upcoming conferences, new Web site features, etc. right to your email box.
Common Vulnerabilities and Exposures (CVE) is the standard for information
security vulnerability names. CVE content results from the collaborative
efforts of the CVE Editorial Board, which is comprised of leading
representatives from the information security community. Details on
subscribing (and unsubscribing) to the email newsletter are at the end.
Please feel free to pass this newsletter on to interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/May 16, 2012
-------------------------------------------------------
Contents:
1. Feature Story
2. Upcoming Event
3. Also in this Issue
4. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
1 Product from Beijing Venustech Now Registered as Officially
"CVE-Compatible"
One additional information security product has achieved the final stage of
MITRE's formal CVE Compatibility Process and is now officially
"CVE-Compatible." The product is now eligible to use the CVE-Compatible
Product/Service logo, and a completed and reviewed "CVE Compatibility
Requirements Evaluation" questionnaire is posted for the product as part of
the organization's listing on the CVE-Compatible Products and Services page
on the CVE Web site. A total of 129 products to-date have been recognized as
officially compatible.
The following product is now registered as officially "CVE-Compatible":
* Beijing Venustech Cybervision Co., Ltd. - Beijing Venustech (Venusense
UTM)
Use of the official CVE-Compatible logo will allow system administrators and
other security professionals to look for the logo when adopting
vulnerability management products and services for their enterprises and the
compatibility process questionnaire will help end-users compare how
different products and services satisfy the CVE compatibility requirements,
and therefore which specific implementations are best for their networks and
systems.
For additional information about CVE compatibility and to review all
products and services listed, visit the CVE Compatibility Process and
CVE-Compatible Products and Services.
LINKS:
Beijing Venustech - http://cve.mitre.org/compatible/questionnaires/144.html
CVE Compatibility Process - http://cve.mitre.org/compatible/process.html
CVE-Compatible Products and Services - http://cve.mitre.org/compatible/
Make a Declaration - http://cve.mitre.org/compatible/make_a_declaration.html
---------------------------------------------------------------
UPCOMING EVENT:
Registration Now Open for "Security Automation Developer Days 2012" on July
9-13
MITRE Corporation will host the fourth "Security Automation Developer Days"
conference on July 9-13, 2012, at MITRE in Bedford, Massachusetts, USA. This
five-day conference is technical in nature and will focus on the U.S.
National Institute of Standards and Technology's (NIST) Security Content
Automation Protocol (SCAP).
The purpose of the event is for the community to discuss SCAP - and those
existing standards upon which it is based including Common Configuration
Enumeration (CCE), Common Platform Enumeration (CPE), Open Vulnerability and
Assessment Language (OVAL), Extensible Configuration Checklist Description
Format (XCCDF) - in technical detail and to derive solutions that benefit
all concerned parties. All current and emerging SCAP standards are addressed
at this workshop.
MITRE first hosted Developer Days in 2005 and has been running them annually
ever since. The model for these technical exchanges has since been adopted
as the format used by the Security Automation community.
An agenda will be available soon. For registration, lodging, and other
conference details, please visit: https://register.mitre.org/devdays/.
LINKS:
Security Automation Developer Days 2012 - https://register.mitre.org/devdays
SCAP - http://scap.nist.gov/
Current SCAP Standards - http://scap.nist.gov/revision/index.html
Emerging SCAP Standards - http://scap.nist.gov/emerging-specs/index.html
CVE Calendar - http://cve.mitre.org/news/calendar.html
---------------------------------------------------------------
ALSO IN THIS ISSUE:
* New CVE Editorial Board Member for Cisco
* CVE List Surpasses 50,000 CVE Identifiers
Read these stories and more news at http://cve.mitre.org/news
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Steve Boyle, Information Security Technical Center. Writer:
Bob Roberge. The MITRE Corporation (www.mitre.org) maintains CVE and
provides impartial technical guidance to the CVE Editorial Board on all
matters related to ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message
and copy the following text to the BODY of the message "SIGNOFF
CVE-Announce-list", then send the message to: listserv@lists.mitre.org. To
subscribe, send an email message to listserv@lists.mitre.org with the
following text in the BODY of the message: "SUBSCRIBE CVE-Announce-List".
Copyright 2012, The MITRE Corporation. CVE and the CVE logo are registered
trademarks of The MITRE Corporation.
For more information about CVE, visit the CVE Web site at
http://cve.mitre.org or send an email to cve@mitre.org. Learn more about
Making Security Measurable at http://measurablesecurity.mitre.org.
.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment