Open cloud company, Mirantis announced the company’s designation as a CVE Numbering Authority by the Common Vulnerabilities and Exposures Program, which the U.S. Department of Homeland Security sponsors. It allows Mirantis Product Security Incident Response Team to authorize to assign CVE identification numbers to security vulnerabilities in Mirantis products.
Identify, define, and catalog vulnerabilities
As a CNA, the company will be able to streamline the process of publishing accurate and timely vulnerability information to inform users, allowing them to resolve security vulnerabilities quickly.
The CVE Program is an international, community-based effort that relies on the community to discover vulnerabilities. Discovered vulnerabilities are assigned and published to the CVE List. The program partners publish CVE Records to communicate consistent descriptions of vulnerabilities.
The program is sponsored by the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security and is operated by the MITRE Corporation.
Adam Parco, CTO of Mirantis said,
« Security has always been a priority and now as a CNA, we’ll join the industry initiative to have a consistent, standardized way of disclosing known vulnerabilities, so there can be a structured, coordinated approach to resolution for our users. »