In this episode of Infosecurity Magazine's podcast, we delve into the critical realm of vulnerability management, exploring the pivotal roles played by two US government-funded security programs that today are under pressure as vulnerability reporting explodes.
Join us as we discus the latest developments involving the National Vulnerability Database (NVD), operated by a dedicated team within NIST, which has been under pressure for the last 12 months.
We’ll also touch on the recent uncertainty relating to the CVE Program, sponsored by the US Department of Homeland Security (DHS) and CISA and managed by the non-profit MITRE Corporation.
These programs serve as essential data sources for organizations worldwide, enabling them to identify, prioritize and remediate vulnerabilities effectively.
Our discussion is enriched by insights from expert guests, including:
- Brian Martin, former member of the CVE Board (10:23)
- Stephen Shaffer, a principal security engineer at a leading pharmaceutical company (26:55)
- Rose Gupta, Cyber Exposure Management Lead at AssuredPartners (39:43)
Discover more from our sponsor, Vanta, here.
Sing up to receive Infosecurity Magazine's weekly newsletter here.
