The purpose of thisblog是建立对话，并就CVE重要的问题和主题获取意见。我们鼓励您使用Medium,LinkedIn, orTwitterto comment on, share, or like a post. Right-click and copyhere从CVE网站分享这篇文章。

CVE Program Expands Partnership with Spanish National Cybersecurity Institute (INCIBE)

Share or comment

This article is based upon anews releaseby the CVE Program and INCIBE.

TheCVE® Programannounced it is expanding its partnership withSpanish National Cybersecurity Institute (INCIBE)for managing the assignment ofCVE Identifiers (CVE IDs)for the CVE Program.

INCIBE is now designated as aRootfor Spain Organizations. As a Root for Spain Organizations, INCIBE is responsible for ensuring the effective assignment of CVE IDs, implementing the CVE Program rules and guidelines, and managing theCVE Numbering Authorities (CNAs)under its care. It is also responsible for recruitment and onboarding of new CNAs and resolving disputes within its scope.

A CNA is an organization responsible for the regular assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the vulnerability in the associatedCVE Record. Each CNA has a specific scope of responsibility for vulnerability identification and publishing. Currently,INCIBEandJPCERT/CCare Roots under theMITRE Top-Level Root. There are currently173organizations from29countries actively participating in the CVE Program.

INCIBE has also extended its CNA scope responsibilities to those CVE candidates reported to INCIBE by researchers that are not within the scope of another CNA.

INCIBE’s Root designation consolidates INCIBE as a key agent of trust for the exchange of this type of information among Spanish organizations, thereby promoting a greater and better exchange of information so that all parties involved in this process can make better decisions in order to continue raising the level of cybersecurity of national companies.

Rosa Díaz, corporate general manager of INCIBE, stated, “The importance of this new role of the Institute, with public-private collaboration being one of the strategic points that will break down physical borders, which do not exist in the digital word, with the aim of detecting new vulnerabilities and strengthening cybersecurity capabilities so that our citizens and our companies are better protected.”

“The CVE Board is pleased to see INCIBE enhancing its mission of strengthening cybersecurity by stepping up their contributions to the vulnerability management community. The CVE Board welcomes INCIBE’s new role in the program as a Root CNA. We look forward to working with INCIBE in the days and years ahead,” stated Kent Landfield, a founding CVE Board member and chair of the CVE Strategic Planning Working Group.

评论还是问题？

If you have any questions about this article, please use theCVE Request Web Formand select “Other” from the dropdown menu to contact the CVE Program. We look forward to hearing from you!

-	The CVE Program
	June 17, 2021
	CVE Request Web Form (select “Other” from dropdown)

Recent Posts

• We Speak CVE Podcast: Engaging with CVE’s Automated CNA Services
• Our CVE Story: From Robot Security Research to Managing Robot Vulnerabilities（来宾作家）
• “CVE Global Summit – Spring 2021”
• Chandan Nandakumaraiah of Palo Alto Networks Joins CVE Board
• We Speak CVE Podcast: Interview with Larry Cashdollar A Researcher’s Perspective
• More >>