NEW DELHI: Since its start, the Indian Computer Emergency Response Team (CERT-In) has been responsible for vulnerability disclosure and coordination for vulnerabilities reported to it, in accordance with its vulnerability coordination duty as a National CERT. CERT-In has joined with the Common Vulnerabilities and Exposures (CVE) Program to take a step forward in strengthening confidence in “Make in India” and cultivating responsible vulnerability research in the country. In this regard, the CVE Program has recognised the Indian Computer Emergency Response Team (CERT-In) as a CVE Numbering Authority (CNA) for vulnerabilities affecting any products created, produced, and manufactured in India.
CVE is an international, community-driven project that relies on the community to identify vulnerabilities. The found vulnerabilities are then assigned and reported to the CVE List. CVE Records are used by information technology and cybersecurity experts to ensure that they are discussing the same issue and to coordinate their efforts to prioritise and resolve vulnerabilities.
The CVE Program’s purpose is to detect, define, and classify publicly disclosed cybersecurity vulnerabilities. It is a global, community-based project that relies on the community to identify vulnerabilities. Organizations from across the world that have worked with the CVE Program detect, assign, and publicise vulnerabilities. CVE Records are published by partners in order to transmit standard descriptions of vulnerabilities.
CNAs are organisations in charge of assigning CVE IDs to vulnerabilities on a regular basis, as well as compiling and publishing information about the vulnerability in the CVE Record. CVE Numbering Authorities compile the CVE List (CNAs). A CNA is assigned to each CVE Record added to the list. The CVE Records in the catalogue allow programme stakeholders to quickly find and correlate vulnerability information that may be utilised to defend systems against assaults. Each CNA has a distinct scope of responsibilities for identifying and publicising vulnerabilities. To disclose vulnerability to CERT-In or to learn more about the responsible disclosure process, visit the CERT-In website @ https://www.cert-in.org.in
Follow The420.in on