Stay in touch

Application security insights and invitations to exclusive events in your inbox


Your data will stay confidential Private and Confidential

CVE format update: High-Tech Bridge among leading cybersecurity companies and vendors

September 18, 2014

High-Tech Bridge is among the early adopters of new CVE format to ensure that our services, products, and processes are compatible with CVE-ID numbers that are issued using the new syntax.


CVE format update

High-Tech Bridge is proud to be among the leading cybersecurity companies, organizations and vendors compliant with new CVE-ID syntax. Early adopters of the new CVE-ID format include:

  • Adobe
  • CERIAS at Purdue University
  • CERT Coordination Center (CERT/CC)
  • CERT-IST; EMC Corporation
  • High-Tech Bridge SA
  • IBM
  • ICS-CERT
  • Information-technology Promotion Agency, Japan (IPA)
  • Japan Computer Emergency Response Team Coordination Center (JPCERT/CC)
  • LP3
  • Microsoft Corporation
  • National Institute of Standards and Technology, National Vulnerability Database (NVD)
  • NSFOCUS
  • Oracle
  • Red Hat, Inc.
  • SecurityTracker
  • SUSE LLC
  • Symantec Corporation.

Mr. Ilia Kolochenko, CEO of High-Tech Bridge, says: "Number of software vulnerabilities is continuously growing every year and it is very important to make sure that each discovered vulnerability has a unique globally-recognized identifier, such as CVE-ID. The new format of CVE-ID is an efficient response to the growth that will ensure that despite the increasing number of new vulnerabilities they will remain manageable.

MITRE and their CVE program play an extremely important role in the industry by enabling security researchers, software companies, penetration testers and vulnerability databases to coordinate their efforts aimed to make Internet and its end-users secure.

At High-Tech Bridge we are proud to be part of MITRE's CVE program that we use both for our security research and our information security services."

The CVE dictionary contains more than 63,000 unique entries. Products, services and organizations around the world use CVE-IDs to help enhance information security, and CVE is formally recommended by the International Telecommunication Union (ITU-T) standards body for worldwide use.

High-Tech Bridge’s Security Advisories, that helped more than 300 software vendors to fix security vulnerabilities and weaknesses in their products, are certified CVE and CWE compatible since 2012.

High-Tech Bridge’s web application penetration testing SaaS, called ImmuniWeb®, is certified CVE and CWE compatible since 2013.


User Comments
Add Comment

High-Tech Bridge on Facebook High-Tech Bridge on Twitter High-Tech Bridge on LinkedIn High-Tech Bridge RSS Feeds Send by Email
Share
Let's Talk