Bugcrowd, the pioneer in crowdsourced cybersecurity announced it has been authorised by the CVE programme as a CVE Numbering Authority (CNA).

CVE programme

The Common Vulnerabilities and Exposures (CVE(r)) programme is an international, community-based effort that relies on the community to discover vulnerabilities. 

The mission of CVE is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. The discovered vulnerabilities are then assigned and published to the CVE List, which feeds the U.SNational Vulnerability Database (NVD).

CVE Record

CNAs are organisations responsible for the regular assignment of CVE IDs to vulnerabilities

There is one CVE Record for each vulnerability in the catalog. The CVE Records published in the catalog enable programme stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks. The CVE List is built by CVE Numbering Authorities (CNAs) and every CVE Record added to the list is assigned by a CNA.

CNAs are organisations responsible for the regular assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the Vulnerability in the associated CVE Record. Each CNA has a specific scope of responsibility for vulnerability identification and publishing.

CVE Numbering Authority

"Bugcrowd is proud to be authorised as a CVE Numbering Authority by the CVE programme, and we're very excited to be working even more closely with the international security community to align our efforts in identifying and cataloging dangerous vulnerabilities," said Casey Ellis, Founder and Chief Technology Officer of Bugcrowd.

Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue and to coordinate their efforts to prioritise and address the vulnerabilities.

CVE enables two or more people or tools to refer to a vulnerability and know they are talking about the same thing, resulting in significant time and cost savings.

CVE Working Groups

CVE Working Groups develop the programme's policies and are open to the community

The CVE Board, which drives the direction of the CVE programme, consists of industry, academic, and government representatives from around the world. CVE Working Groups develop the programme's policies (approved by the CVE Board) and are open to the community.

CVE and the CVE logo are registered trademarks of The MITRE Corporation. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA).

Public/private partnership

CISA funds the Homeland Security Systems Engineering and Development Institute (HSSEDI), a DHS Federally Funded Research and Development Center (FFRDC) operated by The MITRE Corporation, to operate the CVE programme in cooperation with industry, government, and academic stakeholders under a public/private partnership.

"Bugcrowd" and "Bugcrowd Security Knowledge Platform" are trademarks of Bugcrowd Inc. and its subsidiaries. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

Download PDF version Download PDF version

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Quick poll
What is the most significant challenge facing smart building security today?