CISA starts CVE “vulnrichment” program

The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown. NVD is failing Since 1999, NVD analysts have been adding CVE-numbered vulnerabilities to the database, after analyzing public data about them to “enrich” each entry with impact metrics (CVSS), vulnerability types (CWE), applicability statements (CPE), links to security advisories, and more. This database … More →

The post …

agency analysts cisa cve cybersecurity data database don't miss gap hot stuff infrastructure national national vulnerability database nist nvd program project public vulnerabilities vulnerability vulnerability assessment vulnerability database vulnerability management