Plan to resuscitate beleaguered vulnerability database draws criticism
CyberScoop
|
Contributed by: Drex DeFord
Summary
The National Institute of Standards and Technology's National Vulnerability Database (NVD), a critical tool for computer security worldwide, has experienced significant reductions in provided key metadata, impacting cybersecurity efforts. Tanya Brewer, the program's manager, announced plans to form an external consortium to enhance the database, acknowledging its current inadequacies and outlining improvements such as customizable alerts, new data types, and automation in the analysis of vulnerabilities. However, the initiative has faced criticism for potentially being too slow and bureaucratic, with concerns over the time it could take to form the consortium and doubts about its effectiveness in addressing the urgent issues the NVD faces, including a backlog caused by increased submissions, unchanged staff levels, and budget cuts.
