Milestone Systems, a prominent figure in video technology, has announced a partnership with the Common Vulnerability and Exposures (CVE) program to become a CVE Numbering Authority (CNA). The alliance was motivated by the common goal of both entities – to identify, describe, and catalog known cyber security threats.
The CVE Community Program operates on a global scale, making it easier for organizations around the world to discover and share information about cybersecurity vulnerabilities. These discoveries are converted into CVE records, complete with detailed problem details. CVE Records serves as a common foundation for IT and cybersecurity professionals to effectively communicate and collaborate to resolve an identified issue.
Milestone Systems CEO, Thomas Jensen, provided insights into the driving force behind their inclusion in the CVE program. It states, “Milestone Systems is committed to cybersecurity transparency across our business. As Responsible Technology becomes a license to operate, we believe people have the right to feel safe knowing they can trust video technology.”
This alliance elevates the partnership to benefit not only both organizations but also their wider communities. Milestone Systems will now publish any mitigated vulnerabilities, increasing trust in the user community. Jensen adds, “As a CVE program partner, we will now release information about mitigated vulnerabilities to the broader community, enabling Milestone to coordinate and address potential issues even more effectively. This will further strengthen our cybersecurity and continue to build trust in our XProtect open platform video management software.” ”
Under the new partnership, cybersecurity vulnerabilities will be logged and reported through Milestone’s existing channels. The change will be implemented through registration under CVE ID numbers. In addition, vulnerabilities and their associated mitigation methods will be available through both the Milestone profile on the CVE website and the Milestone website. This ensures that information is readily available, promoting quick and efficient resolution.
The CVE Program is a flagship cybersecurity entity with a dedicated mission: to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Each vulnerability is assigned a unique CVE record. Such organization and availability of information pave the way for effective dialogue and negotiation between IT and cyber security professionals. As a global initiative, the CVE Program encourages organizations around the world to get involved and contribute their knowledge and expertise to enhance overall cybersecurity efforts.