Welcome to the latest issue of the CVE-Announce e-newsletter. This email newsletter is
designed to bring recent news about CVE, such as new versions, upcoming conferences,
new Web site features, etc. right to your email box. Common Vulnerabilities and
Exposures (CVE) is the standard for information security vulnerability names. CVE
content results from the collaborative efforts of the CVE Editorial Board, which is
comprised of leading representatives from the information security community. Details
on subscribing (and unsubscribing) to the email newsletter are at the end. Please feel
free to pass this newsletter on to interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/October 7, 2013
-------------------------------------------------------
Contents:
1. Feature Story
2. Compatibility Program Updates
3. Also in this Issue
4. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
CVE-ID Syntax Changing on January 1, 2014
The ID syntax for Common Vulnerabilities and Exposures (CVE) vulnerability
identifiers, or "CVE-IDs", will change on January 1, 2014.
All CVE consumers - vendors, end users, researchers, CVE Numbering Authorities (CNAs),
etc. - will be affected by the CVE-ID syntax change.
Learn more on the CVE-ID Syntax Change page at
https://cve.mitre.org/cve/identifiers/syntaxchange.html.
LINKS:
CVE-ID Syntax Change page - https://cve.mitre.org/cve/identifiers/syntaxchange.html
Syntax Change Infographic - https://cve.mitre.org/cve/identifiers/cve-ids.html
Syntax Change FAQs - https://cve.mitre.org/about/faqs.html#f
---------------------------------------------------------------
CVE COMPATIBILITY PROGRAM UPDATES:
* 4 Products from SecPoint Now Registered as Officially "CVE-Compatible"
Four additional information security products have achieved the final stage of MITRE's
formal CVE Compatibility Process and are now officially "CVE-Compatible." The product
is now eligible to use the CVE-Compatible Product/Service logo, and a completed and
reviewed "CVE Compatibility Requirements Evaluation" questionnaire is posted for the
product as part of the organization's listing on the CVE-Compatible Products and
Services page on the CVE Web site. A total of 155 products to-date have been
recognized as officially compatible.
The following products are now registered as officially "CVE-Compatible":
SecPoint ApS's
* SecPoint Penetrator
* SecPoint Cloud Penetrator
* SecPoint Portable Penetrator
* SecPoint Protector UTM Firewall
Use of the official CVE-Compatible logo will allow system administrators and other
security professionals to look for the logo when adopting vulnerability management
products and services for their enterprises and the compatibility process
questionnaire will help end-users compare how different products and services satisfy
the CVE compatibility requirements, and therefore which specific implementations are
best for their networks and systems.
* 2 New Declarations to Be CVE-Compatible
IBM declared that its vulnerability management product, IBM QRadar Vulnerability
Manager, is CVE-Compatible.
In addition, Cr0security declared that its Cr0security Penetration Testing and
Consultant Services are CVE-Compatible.
For additional information about CVE compatibility and to review all products and
services listed, visit the CVE Compatibility Process and CVE-Compatible Products and
Services pages on the CVE Web site.
LINKS:
SecPoint Penetrator - https://cve.mitre.org/compatible/questionnaires/152.html
SecPoint Cloud Penetrator - https://cve.mitre.org/compatible/questionnaires/153.html
SecPoint Portable Penetrator -
https://cve.mitre.org/compatible/questionnaires/154.html
SecPoint Protector UTM Firewall -
https://cve.mitre.org/compatible/questionnaires/155.html
IBM QRadar Vulnerability Manager -
https://cve.mitre.org/compatible/organizations.html#i
Cr0security Penetration Testing and Consultant Service -
https://cve.mitre.org/compatible/organizations.html#c
CVE Compatibility Process - https://cve.mitre.org/compatible/process.html
CVE Compatibility Requirements - https://cve.mitre.org/compatible/requirements.html
CVE-Compatible Products and Services - https://cve.mitre.org/compatible/
Make a Declaration - https://cve.mitre.org/compatible/make_a_declaration.html
---------------------------------------------------------------
ALSO IN THIS ISSUE:
* Unreliability of Vulnerability Data and Statistics Briefing at "Black Hat Briefings
2013"
* MITRE Hosts CVE Booth at "Black Hat Briefings 2013"
Read these stories and more news at https://cve.mitre.org/news
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Steve Boyle, Information Security Technical Center. Writer: Bob
Roberge. The MITRE Corporation (www.mitre.org) maintains CVE and provides impartial
technical guidance to the CVE Editorial Board on all matters related to ongoing
development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message and copy
the following text to the BODY of the message "SIGNOFF CVE-Announce-list", then send
the message to: listserv@lists.mitre.org. To subscribe, send an email message to
listserv@lists.mitre.org with the following text in the BODY of the message:
"SUBSCRIBE CVE-Announce-List".
Copyright 2013, The MITRE Corporation. CVE and the CVE logo are registered trademarks
of The MITRE Corporation.
For more information about CVE, visit the CVE Web site at https://cve.mitre.org or
send an email to cve@mitre.org.
Learn more about Making Security Measurable at http://measurablesecurity.mitre.org and
Strengthening Cyber Defense at
http://www.mitre.org/work/cybersecurity/cyber_standards.html.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment