Security

The CVE program for tracking security flaws is about to lose federal funding

By Juwan Chacko
2 Min Read
The CVE program for tracking security flaws is about to lose federal funding

Funding Concerns Arise for Critical Cybersecurity Program

The Common Vulnerabilities and Exposures (CVE) program, utilized by tech giants like Microsoft, Google, Apple, Intel, and AMD to pinpoint and monitor cybersecurity vulnerabilities, is facing a funding crisis. This program plays a crucial role in helping engineers assess the severity of exploits and prioritize the application of necessary patches and safeguards.

Impending Deadline for CVE Program

MITRE, the organization responsible for managing the CVE program, has revealed that their contract to maintain and enhance CVE is set to expire on April 16th, as reported by The Verge. This development has raised concerns within the cybersecurity community.

The Essence of CVE

Since its inception in 1999, the CVE program has served as a centralized repository where organizations can assign unique identifiers to known cybersecurity vulnerabilities. These identifiers, such as CVE-2022-27254, enable security professionals to track and address potential threats that could impact various devices and systems crucial to our daily activities.

Global Ramifications of Funding Shortfall

Security and privacy researcher Lukasz Olejnik has warned that a lack of support for the CVE program could have dire consequences on cybersecurity worldwide. Without proper funding, the coordination among vendors, analysts, and defense systems could falter, leading to confusion and vulnerabilities going unaddressed.

Commitment to Cybersecurity

MITRE’s Vice President and Director at the Center for Securing the Homeland, Yosry Barsoum, reassured that efforts are being made to sustain the CVE program as a vital global resource. However, the potential funding shortage may also impact the Common Weakness Enumeration program, which focuses on documenting hardware and software vulnerabilities.

See also  Unleashing the Power of AI: Transforming Networking and Security at Cisco Live

Government Support and Funding Sources

The funding for MITRE’s CVE program originates from the US Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA). These agencies play a crucial role in ensuring the independence and objectivity of the CVE program, which is essential for maintaining cybersecurity standards.

Source: Original Article

TAGGED: , , , , , , ,
Share This Article
Previous Article 4chan’s ‘cesspool of the internet’ is down after apparently being hacked 4chan’s ‘cesspool of the internet’ is down after apparently being hacked
Next Article Trump administration decides to fund CVE cybersecurity tracker after all Trump administration decides to fund CVE cybersecurity tracker after all
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Trusted Source for Accurate and Timely Updates!

Our commitment to accuracy, impartiality, and delivering breaking news as it happens has earned us the trust of a vast audience. Stay ahead with real-time updates on the latest events, trends.

Popular Posts

The Mind of Claude: How Anthropic Scientists Unleashed a New Consciousness

Summary of the blog: 1. Researchers injected the concept of "betrayal" into a large language

Skyramp Secures $10 Million in Seed Investment

Summary: Skyramp, an AI-driven testing and debugging tool for engineering teams, secured $10M in seed

AMD’s Instinct MI350: Revolutionizing AI Competition with Rack-Scale Platform Advancements

Summary: 1. AMD announced the release of ROCm 7 and the availability of its Developer

Driven to Win: A Cybersecurity Engineer’s Thrilling Hobby in RC Car Racing

Dan Rico, a security engineer at Truveta, is not just a tech professional; he also

US Tightens Controls on AI Technology and Chip Exports

Summary: 1. The Department of Commerce canceled the AI Diffusion Rule just before it was