Ivanti Authorized by the CVE Program as a CVE Numbering Authority (CNA)
30 Julio 2024 - 4:35PM
Business Wire
Continues to Develop a Best-in-Class
Vulnerability Management Program
Ivanti, the tech company that breaks down barriers between IT
and security so that Everywhere Work can thrive, has been
authorized by the CVE Program as a CVE Numbering Authority (CNA).
By becoming a CNA, Ivanti is fulfilling commitments it made to
provide improvements to its security operating model, including
elevating the vulnerability management program.
The mission of the Common Vulnerabilities and Exposures (CVE®)
Program is to identify, define, and catalog publicly disclosed
cybersecurity vulnerabilities. As a CNA partner, Ivanti can assign
CVEs for security issues found in its own software products.
Partners publish CVE Records to communicate consistent descriptions
of vulnerabilities. Information technology and cybersecurity
professionals use CVE Records to ensure they are discussing the
same issue, and to coordinate efforts to prioritize and address
vulnerabilities.
“This is the next step in elevating our vulnerability management
program to be "best-in-class" and further execution on our CISA
Secure by Design pledge. Finding, fixing and disclosing
vulnerabilities in a responsible and transparent way is a positive
attribute of any software vendor,” said Daniel Spicer, Chief
Security Officer at Ivanti. “Security is a shared responsibility
between software vendors and their customers, and by becoming a CVE
Numbering Authority we are enabling a greater measure of
accountability for our organization and demonstrating our
commitment to continuous improvement and transparency.”
Ivanti is dedicated to ensuring the security and integrity of
our enterprise software products. We recognize the vital role that
security researchers, ethical hackers, and the broader security
community play in identifying and reporting vulnerabilities. Visit
HERE to learn more about our Vulnerability Disclosure Policy.
About Ivanti
Ivanti breaks down barriers between IT and security so that
Everywhere Work can thrive. Ivanti has created the first
purpose-built technology platform for CIOs and CISOs – giving IT
and security teams comprehensive software solutions that scale with
their organizations’ needs to enable, secure and elevate employees'
experiences. The Ivanti platform is powered by Ivanti Neurons - a
cloud-scale, intelligent hyperautomation layer that enables
proactive healing, user-friendly security across the organization,
and provides an employee experience that delights users. Over
40,000 customers, including 85 of the Fortune 100, have chosen
Ivanti to meet challenges head-on with its end-to-end solutions. At
Ivanti, we strive to create an environment where all perspectives
are heard, respected and valued and are committed to a more
sustainable future for our customers, partners, employees and the
planet. For more information, visit www.ivanti.com and follow
@GoIvanti.
About the CVE Program
The mission of the Common Vulnerabilities and Exposures (CVE®)
Program is to identify, define, and catalog publicly disclosed
cybersecurity vulnerabilities. There is one CVE Record for each
vulnerability in the catalog. The vulnerabilities are discovered
then assigned and published by organizations from around the world
that have partnered with the CVE Program. Partners publish CVE
Records to communicate consistent descriptions of vulnerabilities.
Information technology and cybersecurity professionals use CVE
Records to ensure they are discussing the same issue, and to
coordinate their efforts to prioritize and address the
vulnerabilities.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240730409787/en/
press@ivanti.com