CISA Joins MITRE to Issue Vulnerability Identifiers

The US Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has taken over responsibility for assigning Common Vulnerability Enumeration (CVE) identifiers for software vulnerabilities in two specific industries — medical devices and industrial control systems — as part of a planned expansion in the number of organizations managing vulnerability information, according to CISA and government contractor MITRE. CISA, which informs and manages cybersecurity risk for the United States, will become a so-called “root-level CVE Number Authority (CNA),”

Read full article on Dark Reading