Last active
April 27, 2024 14:50
-
-
Save pombredanne/89f4282c8d7136b42bf9a1b9d6ec1b14 to your computer and use it in GitHub Desktop.
ND statement history diff from https://web.archive.org/web/*/https://nvd.nist.gov/general/news/nvd-program-transition-announcement
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| NVD Program Announcement UPDATED - April, 25th 2024 | |
| NIST maintains the National Vulnerability Database (NVD), a repository of | |
| information on software and hardware flaws that can compromise computer security. | |
| This is a key piece of the nation’s cybersecurity infrastructure. | |
| There is a growing backlog of vulnerabilities submitted to the NVD and requiring | |
| analysis. This is based on a variety of factors, including an increase in software | |
| and, therefore, vulnerabilities, as well as a change in interagency support. | |
| Currently, we are prioritizing analysis of the most significant vulnerabilities. | |
| In addition, we are working with our agency partners to bring on more support for | |
| analyzing vulnerabilities and have reassigned additional NIST staff to this task | |
| as well. | |
| We are also looking into longer-term solutions to this challenge, including the | |
| establishment of a consortium of industry, government, and other stakeholder organizations | |
| that can collaborate on research to improve the NVD. | |
| NIST is committed to its continued support and management of the NVD. Currently, we are focused | |
| on our immediate plans to address the CVE backlog, but plan to keep the community posted | |
| on potential plans for the consortium as they develop. | |
| For questions and concerns, you can contact nvd@nist.gov. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment