Elly Yates-Roberts |
Software developer Devolutions has joined the Common Vulnerabilities and Exposures (CVE) programme as a CVE Numbering Authority (CNA), a move that is an example of its “longstanding commitment to cybersecurity”, says chief security officer Martin Lemay.
As a CNA, Devolutions will join other industry leaders to streamline the process of publishing accurate and timely security vulnerability information.
According to Devolutions, the CVE aims to “identify, define and catalogue publicly disclosed cybersecurity vulnerabilities”. Using CVE IDs, the community can refer to vulnerabilities in a standardised way and enable reported vulnerabilities to be published in a timely manner once a fix is available. IT and cybersecurity professionals use CVE Records to ensure they are discussing the same issue and to coordinate their efforts to prioritise and address vulnerabilities.
“Managing and communicating product vulnerabilities in a transparent fashion should be at the very core of every software company’s quality assurance,” said Martin Lemay, chief security officer for Devolutions. “We want all of our customers to rest assured that they can trust our solutions to help them with security efforts as well as count on us as a company to be transparent about our own security practices. Achieving CNA designation is yet another example of our longstanding commitment to cybersecurity.”