Feds embark on new plan to help cyber defenders' find and detect bugs on systems
publication
|
Summary
The article discusses a shift in handling software vulnerabilities by U.S. cybersecurity agencies. The National Institute of Standards and Technology (NIST) has encountered a slowdown in updating the National Vulnerability Database (NVD), which is critical for scanning systems for security flaws. In response, the Cybersecurity and Infrastructure Security Agency (CISA) initiated the "Vulnrichment" program to enhance the database by independently testing vulnerabilities and providing detailed enrichment data, which includes severity assessments. This initiative, which involves collaborative efforts between NIST and CISA, aims to more efficiently address and mitigate vulnerabilities, enhancing the security infrastructure against potential threats.