|
1 | 1 | { |
2 | 2 | "currentNews": [ |
| 3 | + { |
| 4 | + "id": 554, |
| 5 | + "newsType": "news", |
| 6 | + "title": "Arteche Added as CVE Numbering Authority (CNA)", |
| 7 | + "urlKeywords": "Arteche Added as CNA", |
| 8 | + "date": "2025-07-29", |
| 9 | + "description": [ |
| 10 | + { |
| 11 | + "contentnewsType": "paragraph", |
| 12 | + "content": "<a href='/PartnerInformation/ListofPartners/partner/Arteche'>Arteche</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Arteche issues only." |
| 13 | + }, |
| 14 | + { |
| 15 | + "contentnewsType": "paragraph", |
| 16 | + "content": "To date, <a href='/PartnerInformation/ListofPartners'>461 CNAs</a> (458 CNAs and 3 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>39 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Arteche is the 10th CNA from Spain." |
| 17 | + }, |
| 18 | + { |
| 19 | + "contentnewsType": "paragraph", |
| 20 | + "content": "Arteche’s Root is the <a href='/PartnerInformation/ListofPartners/partner/INCIBE'>Spanish National Cybersecurity Institute (INCIBE) Root</a>." |
| 21 | + } |
| 22 | + ] |
| 23 | + }, |
| 24 | + { |
| 25 | + "id": 553, |
| 26 | + "newsType": "blog", |
| 27 | + "title": "Help Shape the Future of CVEs with the CVE Consumer Working Group", |
| 28 | + "urlKeywords": "Shape Future of CVEs with Consumer WG", |
| 29 | + "date": "2025-07-29", |
| 30 | + "author": { |
| 31 | + "name": "Jay Jacobs", |
| 32 | + "organization": { |
| 33 | + "name": " CVE Consumer Working Group (CWG)", |
| 34 | + "url": "https://www.cve.org/ProgramOrganization/WorkingGroups#CVEConsumerWorkingGroupCWG" |
| 35 | + }, |
| 36 | + "title": " Co-Chair", |
| 37 | + "bio": "" |
| 38 | + }, |
| 39 | + "description": [ |
| 40 | + { |
| 41 | + "contentnewsType": "paragraph", |
| 42 | + "content": "Vulnerability data is part of the foundation of a strong security program. But if you’ve ever tried to work with <a href='/'>CVE</a> data at scale, you know there are opportunities to refine its completeness, accuracy, and timeliness for even greater impact.</br><br/>For those of us cleaning, normalizing, and using CVE Records on a daily basis the challenges may seem obvious. But many of those important insights about what is working and what causes the most pain rarely make it back to the <a href='/'>CVE Program</a>.<br/><br/>That’s where the “Consumer Working Group (CWG)” comes in." |
| 43 | + }, |
| 44 | + { |
| 45 | + "contentnewsType": "paragraph", |
| 46 | + "content": "<h3>What Is the CWG?</h3>" |
| 47 | + }, |
| 48 | + { |
| 49 | + "contentnewsType": "paragraph", |
| 50 | + "content": "The <a href='/ProgramOrganization/WorkingGroups#CVEConsumerWorkingGroupCWG'>CVE Consumer Working Group (CWG)</a> was created by the <a href='/ProgramOrganization/Board'>CVE Board</a> to bring consumer voices into the heart of the CVE ecosystem." |
| 51 | + }, |
| 52 | + { |
| 53 | + "contentnewsType": "paragraph", |
| 54 | + "content": "Our mission is simple: <ul style=list-style-type:none;><li><i>Ensure that CVE data reflects the real-world needs of the people who use it.</i></li></ul>" |
| 55 | + }, |
| 56 | + { |
| 57 | + "contentnewsType": "paragraph", |
| 58 | + "content": "We are building a community of consumers who are ready to share how CVE data fits (or doesn’t) into their workflows. We want to know what’s broken, what’s valuable, and what could be improved. We want to understand the joys and pains of working with CVE data from the people who live it every day." |
| 59 | + }, |
| 60 | + { |
| 61 | + "contentnewsType": "paragraph", |
| 62 | + "content": "<h3>What We’re Doing</h3>" |
| 63 | + }, |
| 64 | + { |
| 65 | + "contentnewsType": "paragraph", |
| 66 | + "content": "The CWG is focused on a few key areas: <ul><li><strong>Documenting strengths and opportunities:</strong> Where should we be focusing our attention?</li><li><strong>Building a library of real-world use cases:</strong> There are many types of consumers with their own goals and motivations. How are different consumers actually using CVE data in their environments?</li><li><strong>Evaluating the value of information elements:</strong> Which parts of the CVE Record are critical, and which elements create unnecessary work?</li><li><strong>Making changes:</strong> We’re not just collecting feedback; we’re shaping and making real changes from within the CVE Program.</li></ul>" |
| 67 | + }, |
| 68 | + { |
| 69 | + "contentnewsType": "paragraph", |
| 70 | + "content": "<h3>Why You Should Join</h3>" |
| 71 | + }, |
| 72 | + { |
| 73 | + "contentnewsType": "paragraph", |
| 74 | + "content": "This is your chance to influence the future of CVE because the working group is open to anyone who works with CVE data. Whether you’re part of a blue team triaging vulnerabilities, building automation around CVE ingestion, developing tools, or simply trying to make sense of the data, your experience matters." |
| 75 | + }, |
| 76 | + { |
| 77 | + "contentnewsType": "paragraph", |
| 78 | + "content": "We need your input to: <ul><li>Ensure the CVE Program reflects the priorities of consumers and real-world problems.</li><li>Push for data improvements that reduce overall effort and increase impact.</li><li>Build a shared understanding of what “good” looks like when it comes to vulnerability data.</li></ul>" |
| 79 | + }, |
| 80 | + { |
| 81 | + "contentnewsType": "paragraph", |
| 82 | + "content": "<h3>How to Get Involved</h3>" |
| 83 | + }, |
| 84 | + { |
| 85 | + "contentnewsType": "paragraph", |
| 86 | + "content": "The CWG meets virtually, and participation is open to anyone with a stake in CVE data. You can contribute as much or as little as you like: share a story, present your workflow, help shape a use case, or just listen in." |
| 87 | + }, |
| 88 | + { |
| 89 | + "contentnewsType": "paragraph", |
| 90 | + "content": "If you’d like to join, please <a href='https://docs.google.com/forms/d/e/1FAIpQLSeXbh-w0HAHID0Qsj47jEosqdTihJgahnkNEGf9cN14vKKmoA/viewform' target='_blank'>fill out this simple form to request membership</a>." |
| 91 | + }, |
| 92 | + { |
| 93 | + "contentnewsType": "paragraph", |
| 94 | + "content": "<strong><i>Let’s make sure CVE data supports defenders together.</i></strong>" |
| 95 | + } |
| 96 | + ] |
| 97 | + }, |
3 | 98 | { |
4 | 99 | "id": 552, |
5 | 100 | "newsType": "news", |
|
0 commit comments