The “We Speak CVE” podcast focuses on cybersecurity, vulnerability management, and the CVE Program.

Three CVE Board members provide the truth and facts about the following myths about the CVE Program:

Myth #1: The CVE Program is run entirely by the MITRE Corporation
Myth #2: The CVE Program is controlled by software vendors
Myth #3: The CVE Program doesn’t cover enough types of vulnerabilities
Myth #4: The CVE Program is responsible for assigning vulnerability severity scores

We Speak CVE podcast, Episode 9 — CVE Myths versus Facts (Part 1)

The podcast is available for free on the CVE Program Channel on YouTube, on the We Speak CVE page on Buzzsprout, and on major podcast directories such as Spotify, Stitcher, Google Podcasts, Apple Podcasts, iHeartRadio, Podcast Addict, Podchaser, Pocket Casts, Deezer, Listen Notes, Player FM, and Podcast Index, among others.

Please give the podcast a listen and let us know what you think!

The CVE® Program’s quarterly calendar year (CY) summary of program milestones and metrics for Q2 CY 2021 is below.

Q2 CY 2021 Milestones

16 CVE Numbering Authorities (CNAs) Added
Sixteen new CNAs were added, including:

  • 13 by the MITRE Top-Level Root: Axis Communications AB (Sweden); ESET, spol. s r.o. (Slovak Republic); Fidelis Cybersecurity, Inc…

Guest author Tomo Ito of JPCERT/CC is a member of two CVE Program working groups, CNA Coordination (CNACWG) and Outreach and Communications (OCWG), and JPCERT/CC is the first-ever Root in the CVE Program.

When I was first offered the opportunity to contribute to this blog, I was reminded by a…

CVE Program

The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store