San Francisco, CA — February 24, 2004 — On Tuesday, February 24th, the Common Vulnerabilities and Exposure (CVE) Initiative presented its first Certificates of Compatibility during an awards ceremony at the 13th Annual RSA Conference in San Francisco. Mr. John Payton, Incident Response Manager for the National Computer Emergency Readiness Team (US-CERT), Department of Homeland Security presented the awards.
In the four years that CVE (the common naming standard for vulnerabilities within the information security industry) has been in the public domain, more than 90 organizations (representing over 130 products and services) have declared their intent to become CVE compatible. Now, 10 of these vendors’ products have passed the final and most rigorous phase of the compatibility process. Recipients are:
Alliance Qualite Logiceil, for Vigil@nce AQL
Foundstone, Inc., for Enterprise Risk Solutions
Harris Corp., for STAT Scanner
Kingnet Security, Inc., for Kingnet Intrusion Detection System
The MITRE Corp., for Open Vulnerability Assessment Language (OVAL)
Red Hat, for Red Hat Security Advisories
SAINT Corp., for SAINT
Sintelli Ltd., for
Sintelli Vulnerability Database
Software in the Public Interest, Inc., for Debian Security Advisories
According to Mr. Payton, “This group comes from a pool of nearly 100 organizations that are pursuing compatibility. We congratulate these recipients, and look forward to seeing more organizations and their products qualify for inclusion in this select group.”
“We’re excited at the rate that industry is adopting the CVE naming standard,” adds Bob Martin, MITRE CVE Compatibility Lead. “In addition to the organizations that have publicly declared support for the CVE naming standard on the CVE web site, we’ve identified over 100 other organizations from around the world that are actively working to incorporate CVE support into their capabilities.”
Qualys and the Qualys logo are trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.