News – CyberDanube https://cyberdanube.com/de/ Vorbereitung ist der Schlüssel zum Erfolg Wed, 29 Mar 2023 04:34:23 +0000 de-DE hourly 1 https://wordpress.org/?v=6.6.2 https://cyberdanube.com/wp-content/uploads/2022/02/favicon_32x32.png News – CyberDanube https://cyberdanube.com/de/ 32 32 [EN] CyberDanube is now authorized as CNA (CVE Numbering Authority) https://cyberdanube.com/de/cyberdanube-is-now-authorized-as-cna/ Tue, 28 Mar 2023 11:00:59 +0000 https://cyberdanube.com/en/?p=4341

Background

In the course of the development of the SaaS tool >MEDUSA< we frequently do research on firmware samples. Therefore, we often identify undiscovered vulnerabilities and security gaps, as recent publications and talks have proven.

We reported such vulnerabilities to vendors and requested CVE (Common Vulnerabilities and Exposures) tracking numbers via official ways at MITRE. As we detect a high number of vulnerabilities with firmware emulation, we need a lot of CVE numbers. To accelerate this process for us and for our customers in the future, we have applied to become a CNA (CVE Numbering Authority).

CVE Numbering Authorities (CNAs)

Definition

„CNAs are vendor, researcher, open source, CERT, hosted service, and bug bounty provider organizations authorized by the CVE Program to assign CVE IDs to vulnerabilities and publish CVE Records within their own specific scopes of coverage.“

https://www.cve.org/ProgramOrganization/CNAs

Benefits

Starting with March, 2023, CyberDanube is an official CNA! We affirm our commitment and leadership in the field of cybersecurity, which is incorporated in our MEDUSA and BCDR products. Not only will this allow us to fully manage the CVE number publication process, but it will also significantly streamline the vulnerability disclosure process and allow us to view locked down information, providing our customers with valuable first-hand vulnerability information to their customer base.

Outlook

Currently, 281 partners from 36 countries are registered as official CNA. (As of March 2023). CyberDanube is now 1 of only 2 (!) CNAs in Austria, and the first research CNA in this country. We are proud of this remarkable milestone and look forward to working on our cybersecurity tools and uncovering more zero-day vulnerabilities. In the future we will be able to report all findings in a regulated, transparent, quick and efficient way.

See the CVE Program announcement: www.cve.org/Media/News

We are happy to get in touch for further discussions, questions and in particular, interest in the topic!

Contact: office [at] cyberdanube.com

]]>