June 3, 2024

NIST expects to clear backlog in vulnerabilities database by end of fiscal year

therecord.media

Contributed by: Drex DeFord

Summary

The National Institute of Standards and Technology (NIST) has contracted an external vendor to address the backlog of software and hardware vulnerabilities in the National Vulnerability Database (NVD). This backlog emerged after NIST announced cutbacks in February 2023, causing delays in the enrichment and processing of new vulnerabilities. NIST, working with the Cybersecurity and Infrastructure Agency (CISA), aims to resume previous processing rates within a few months and clear the backlog by the end of the fiscal year. NIST's funding decreased by 12% this year, affecting its capacity. To improve the NVD program sustainably, NIST is updating technology and processes and emphasizes the need for automation in vulnerability management. CISA has initiated the “Vulnrichment” effort to enhance the information available on vulnerabilities. Experts and former officials stress that restoring NVD functionality is crucial for maintaining cybersecurity defenses.

Read Full Story

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

NIST expects to clear backlog in vulnerabilities database by end of fiscal year

Share this story:

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Peer Curated News

Direct to your Inbox

Your career accelerator!

Search

Healthcare Transformation Powered by Community