Exposing threats

Mirantis Now Part of Common Vulnerabilities and Exposures Program

Open cloud company Mirantis has announced its designation as a Numbering Authority by the Countering Violent Extremism Program, an initiative sponsored by the Department of Homeland Security. The CVE Program is an international, community-based effort that relies on the community to discover vulnerabilities, Mirantis said Tuesday.

In a statement, Adam Parco, Mirantis’ chief technology officer, said that security has always been a priority in his company, but with the recent designation, the firm can join the industry initiative toward having a consistent, standardized way of disclosing known vulnerabilities. He added that this will lead to a more structured, coordinated approach to resolution for users.

Mirantis now can streamline the process of publishing accurate and timely vulnerability information so its users are well informed and able to quickly resolve security vulnerabilities. The company’s Product Security Incident Response Team is authorized to assign CVE identification numbers to security vulnerabilities in its products, Mirantis added.

The CVE Program is sponsored by the Cybersecurity and Infrastructure Security Agency and is operated by Mitre in close collaboration with international industry, academic and government stakeholders.

Mirantis and other program partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue and to coordinate their efforts to prioritize and address the vulnerabilities, the company explained.

The mission of the CVE Program is to identify, define and catalog publicly disclosed cybersecurity vulnerabilities. Once discovered, the vulnerabilities are then assigned and published by organizations from around the world that have partnered with the program.