Milestone Systems, a prominent figure in video technology, has announced a collaboration with the Common Vulnerability and Exposures (CVE) Program, becoming a CVE Numbering Authority (CNA). The alliance has been motivated by the common objective of the two entities – to identify, describe, and catalogue known cybersecurity threats.
The community-based CVE Program operates on a global scale, facilitating organisations worldwide in discovering and sharing information about cybersecurity vulnerabilities. These discoveries are converted into CVE Records, complete with in-depth details about the issues. The CVE Records serve as a common ground for IT and cybersecurity professionals, enabling them to effectively communicate and cooperate in resolving the identified problem.
CEO of Milestone Systems, Thomas Jensen, shed light on the driving force behind their inclusion in the CVE Program. He states: “Milestone Systems is committed to transparency in cybersecurity across our business. As Responsible Technology becomes a license to operate, we believe that people have the right to feel safe knowing that they can trust video technology.”
This alliance elevates the partnership to benefit not just the two organisations, but also their wider communities. Milestone Systems will now publicly disclose any mitigated vulnerabilities, fostering trust within their user community. Jensen adds: “As a CVE Program partner, we will now publish mitigated vulnerabilities to the wider community, which will allow Milestone to coordinate and address potential issues even more effectively. This will further enhance our cybersecurity and continue to build trust in our XProtect open platform video management software.”
Under the new partnership, cybersecurity vulnerabilities will be logged and reported through Milestone’s existing channels. The change will come in the form of registration under CVE ID numbers. In addition, vulnerabilities and their associated mitigation methods will be available both through Milestone’s profile on the CVE website and on Milestone’s own website. This ensures that the information is readily accessible, thereby promoting swift and efficient resolution.
The CVE Program stands as a pivotal entity in the realm of cybersecurity, with a dedicated mission statement: to identify, define, and catalogue publicly disclosed cybersecurity vulnerabilities. Each vulnerability is assigned a unique CVE Record. Such organisation and accessibility of information pave the way for effective dialogue and action among IT and cybersecurity professionals. As a global initiative, the CVE Program encourages organisations worldwide to participate and contribute their knowledge and expertise, thus enhancing overall cybersecurity efforts.