Wednesday, January 23, 2013

CVE IDENTIFY SITE




http://cve.mitre.org/compatible/compatible.html

T IDENTIFIERS  About CVETerminologyDocumentsFAQsCVE ListAbout CVE IdentifiersSearch CVESearch NVDUpdates & RSS FeedsRequest a CVE-IDCVE In UseCVE-Compatible ProductsNVD for CVE Fix InformationCVE Numbering AuthoritiesNews & EventsCalendarFree NewsletterCommunityCVE Editorial BoardSponsorContact UsSearch the SiteCVE ListAbout CVE IdentifiersEditorial PoliciesData SourcesReference Key/MapsSearch TipsUpdates & RSS FeedsRequest a CVE IdentifierITEMS OF INTERESTTerminologyNVD 

About CVE Identifiers

CVE Identifiers Defined | Creation of a CVE Identifier | Requesting CVE Identifiers

CVE Identifiers Defined

CVE Identifiers (also called "CVE names," "CVE numbers," "CVE-IDs," and "CVEs") are unique, common identifiers for publicly known information security vulnerabilities.Each CVE Identifier includes the following:CVE Identifier number (i.e., "CVE-1999-0067").Brief description of the security vulnerability or exposure.Any pertinent references (i.e., vulnerability reports and advisories or OVAL-ID).BACK TO TOP

Creation of a CVE Identifier

The process of creating a CVE Identifier begins with the discovery of a potential security vulnerability or exposure. The information is then assigned a CVE Identifier number by a CVE Numbering Authority (CNA), and posted on the CVE Web site by the CVE Editor. As part of its management of CVE, The MITRE Corporation functions as CVE Editor and Primary CNA. The CVE Editorial Board oversees this process.The documents below explain CVE Identifiers and the creation of identifiers in more detail:CVE Numbering AuthoritiesLists the several organizations currently participating as CVE Numbering Authorities (CNAs). Includes an introduction to the candidate reservation process; defines CNAs and provides the requirements for being a CNA, describes CNA tasks, and explains the communication requirements from the CNA to MITRE; defines the role of vendor liaisons, and explains the researcher's responsibilities in the process.How We Build the CVE ListA description of the process of how CVE Identifiers are added to the CVE List, including the roles of CVE Numbering Authorities (CNA) and the CVE Content Team.CVE Editorial PoliciesCVE Editorial Policies, also Content Decisions (CDs), are the guidelines the CVE Content Team uses to ensure that CVE Identifiers are created in a consistent fashion, independent of who is doing the creation. This page is a central location of information about, and related to, CDs including the following: Editorial Policies Overview; CVE Abstraction Content Decisions: Rationale and Application; and Handling Duplicate Public CVE Identifiers.CVE Editor's CommentarySelected opinions and commentary about vulnerabilities, software assurance, and related topics by the CVE List Editor.CVE ReferencesEach CVE Identifier includes appropriate references. Each reference used in CVE (1) identifies the source, (2) includes a well-defined identifier to facilitate searching on a source's Web site, and (3) notes the associated CVE Identifier. CVE also includes a Reference Maps page with links to documents from the commonly used information sources that are used as references for CVE Identifiers.CVE Data SourcesA list of the organizations from the information security community that provide us with vulnerability information that helps MITRE create new CVE Identifiers.CVE Versions ArchiveThis page provides an archive of the old CVE versions, the last of which was issued in 2006. As new CVE Identifiers are now added to the CVE Web site on a daily basis and are immediately usable by the community, the most current version of CVE is on the CVE List Master Copy page.FAQsFAQs from the Frequently Asked Questions page in the About CVE section also address specific questions about CVE Identifiers.BACK TO TOP

Requesting CVE Identifiers

In most instances the CVE Initiative does not issue CVE-ID numbers directly but instead relies on certain mechanisms to handle newly emerging information that is eventually provided to CVE. Therefore, to receive a CVE-ID number for your issue you could:Contact one of the CVE Numbering Authorities (CNAs), which will then include a CVE-ID number in its initial public announcement about your new vulnerability.Contact an emergency response team such as CERT/CC, etc.Post the information to mailing lists such as Bugtraq.Provide the information to a vulnerability analysis team.Alternatively, you may contact the CVE project to Request a CVE-ID and we will provide you with our "CVE Identifier Reservation Guidelines for Researchers" and work with you to assign a CVE-ID number while you work through the process of publicly disclosing the vulnerability. Please review the Researcher Responsibilities.


nc.Web Site:www.adventnet.comQuote/Declaration: AdventNet is pleased to support CVE names in the vulnerability database of the SecureCentral product line, as part of our commitment to embracing industry standards.Name: ManageEngine Security Manager PlusType: Vulnerability Management Software for Windows and Linux Systems CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecureCentral PatchQuestType: Patch Management Software for Windows and Linux systems CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPApplication Security, Inc.Web Site:www.appsecinc.comQuote/Declaration: Application Security, Inc. is committed to delivering solutions that are compatible and interoperable with the IT security environment at large. In the vulnerability management marketplace, that means speaking CVE. We've kept our SHATTER knowledgebase, the world's most comprehensive list of database vulnerabilities and misconfigurations, up-to-date with CVE references since 2004.— Josh Shaul, CTOName: AppDetectiveProType: Database Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: DbProtectType: Database Intrusion Protection, Detection, and Prevention CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: TeamSHATTER.comType: Threat Resource Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPArcSight, Inc.Web Site:www.arcsight.comQuote/Declaration: As a pioneer and leading provider of security management solutions for the enterprise ArcSight actively promotes and supports open systems standards such as CVE. ArcSight uses cross-device correlation to detect sophisticated multi-source, multi-target attacks while keying into the correct policies and procedures for response via the CVE names. It enables security experts and IT managers to cross-correlate information and references about different threats reported by disparate security products and solutions — a necessity to understand the real impact of vulnerabilities and attacks.Name: Arcsight ESM Event Security ManagerType: Real-Time Security Awareness/Incident Response CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPAssuria LimitedWeb Site:www.assuria.comQuote/Declaration: Assuria Auditor (formerly ISS System Scanner) was previously certified as ISS System Scanner. Assuria have enhanced and added functionality and features around CVE reporting in the product.Name: Assuria AuditorType: Vulnerability Assessment and Remediation CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPBeijing Leadsec Technology Co., Ltd.Date Declared: March 13, 2011Web Site:www.leadsec.com.cnName: Leadsec Intrusion Prevention SystemType: Intrusion Protection System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Leadsec Security Intrusion Detection SystemType: Intrusion Detection System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPBeijing Topsec Co., Ltd.Web Site:www.topsec.com.cnName: TopSentry Intrusion Detection SystemType: Intrusion Detection and Management CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Topsec Intrusion Protection System (TopIDP)Type: Intrusion Protection and Management CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPBeijing Venustech Cybervision Co., Ltd.'sWeb Site:www.venustech.com.cnQuote/Declaration: Beijing Venustech provides users with a series of network security products, which along with our own independent intellectual property, are compliant with the international standard, CVE. Beyond products, we deliver our customers life-cycle services including consulting, design, implementation, maintenance, and training.— Helen WangName: Cybervision Intrusion Detection SystemType: Intrusion Detection System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Cybervision Vulnerability Assessment and Mangement SystemType: Vulnerability Scanner CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Venusense Intrusion Prevention SystemType: Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Venusense Threat Detection and Intelligent Analysis SystemType: Intrusion Detection and Intelligent Analysis CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Venusense Unified Security GatewayType: Unified Threats Management (UTM) CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Venusense Web Application GatewayType: Web Application Firewall CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPBeyond Security Ltd.Web Site:www.beyondsecurity.comQuote/Declaration: Beyond Security Ltd.'s Automated Scanning provides users with a complete picture of the security of their organization by leveraging the huge SecuriTeam.com knowledgebase. As such, we see high importance for the CVE naming scheme, which provides a global independent reference for known security vulnerabilities.Name: AVDSType: Automated Vulnerabilities Scanner CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: AVDS ServerType: Automated Vulnerabilities Scanner Platform For Service Providers CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: AVDS ServicesType: Automated Vulnerabilities Scanning Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPBlack Box CorporationDate Declared: March 29, 2010Web Site:www.blackbox.comQuote/Declaration: As a global leader in data, voice and enterprise security solutions, Black Box Corporation (BBOX) fully supports the MITRE CVE® standard. We are pleased to deploy our award winning CVE-compatible Veri-NAC appliances into the market with a faster, less invasive vulnerability scanning system with direct links into the National Vulnerability Database (NVD) for a deeper understanding of common vulnerabilities and exposures as well as faster remediation.Name: Veri-NAC AppliancesType: Veri-NAC is a one-box vulnerability management and network access control (NAC) appliance CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPCA, Inc.Web Site:www.ca.comQuote/Declaration: As a respected member of the MITRE CVE Editorial Board and a global leader in security, Computer Associates International, Inc (CA) is fully committed to supporting the MITRE CVE Initiative. With the increasing number of vulnerabilities, CA recognizes the need and the importance for a common vulnerability naming and enumerating standard. CA Threat Research Team leverages the CVE List by correlating our vulnerability database with the MITRE CVE List. By providing this information to our customers through our Threat Management products — eTrust Vulnerability Manager, and eTrust Policy Compliance, users can quickly and accurately identify a common vulnerability name and number, and in addition cross-reference this information with other sources and products that are CVE-compatible.Name: CA Vulnerability ManagerType: Vulnerability Management CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPCatbird Networks, Inc.Web Site:www.catbird.comQuote/Declaration: Catbird V-Security is a comprehensive security and compliance solution for virtual and physical infrastructures, delivering best-practice security for Hypervisor, Guest VMs and Policy/Regulatory Compliance. Cross-indexing the CVE in reports we present to our partners and customers assists them in building effective security programs.Name: Catbird vSecurityType: Security Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPCisco Systems, Inc.Web Site:www.cisco.comQuote/Declaration: Cisco sees CVE as an important step in the collaborative efforts of the vulnerability science community. It is a tool that allows our security research and product development teams to focus on adding value for our customers. Cisco will incorporate the CVE dictionary into its products.— Andrew Balinsky, Cisco Secure Encyclopedia Project ManagerName: Cisco Security IntelliShield Alert Manager ServiceType: Security Intelligence Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire


★★★★
ite:www.criticalwatch.comQuote/Declaration: Critical Watch supports MITRE's CVE program for standardizing a naming scheme for vulnerabilities. Incorporating CVE names into our enterprise vulnerability management solution enables our customers to act swiftly and confidently to collapse windows of exposure.— Nelson Bunker Chief Security OfficerName: FusionVM ConsultantType: Appliance-Based Managed Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: FusionVM Enterprise SystemType: Appliance-Based Managed Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: FusionVM MSSPType: Appliance-Based Managed Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: FusionVM PCIType: Remote Scanning Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: FusionVM Software as a Service (SaaS)Type: Remote Scanning Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPCXSecurityDate Declared: January 3, 2012Web Site:cxsecurity.comName: World Laboratory of Bugtraq (WLB) 2Type: Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPDragonSoft Security Associates, Inc.Web Site:www.dragonsoft.com/english/Quote/Declaration: DragonSoft Security Associates, Inc. believes that CVE provides the correct direction to a uniform and consistent representation of vulnerabilities and exposures information. As a company which research and design vulnerabilities and exposures detecting software, we are very desirous to providing CVE compatible product to our customers that researches and designs software for detecting vulnerabilities and exposures, we believe it is important to provide CVE-compatible products to our customers.Name: DragonSoft Secure ScannerType: Vulnerabilities and Exposures Assessment Software CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: DragonSoft Vulnerability DatabaseType: Online Vulnerabilities and Exposures Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPEasy Solutions, Inc.Web Site:www.easysol.netQuote/Declaration: As a leader and innovation in the security industry, Easy Solutions, Inc. is pleased to announce compatibility with the CVE Initiative— Ricardo E. Villadiego, Regional Director, Americas, Easy Solutions, Inc.Name: Detect Vulnerability Scanning Service - ExternalType: Vulnerability Scanning and Assessment Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Detect Vulnerability Scanning Service - External/InternalType: Vulnerability Scanning and Assessment Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPeEye Digital SecurityWeb Site:www.eeye.comQuote/Declaration: eEye Digital Security is an innovative leader in vulnerability and security research, providing security solutions that help businesses and users protect their systems and intellectual property from compromise. eEye enables secure computing through world-renowned research and innovative technology, supplying the world's largest businesses with an integrated and research-driven vulnerability assessment, intrusion prevention, and client security solution. eEye is pleased to support the CVE Initiative and will continue to promote the standardization of the CVE naming convention and vulnerability identification.Name: Retina Network Security ScannerType: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPFortinet, Inc.Date Declared: April 5, 2011Web Site:www.fortinet.com/Quote/Declaration: Fortinet has been an established security vendor for some time, and regularly discovers third-party security vulnerabilities for which we request CVE Identifiers from MITRE. We also monitor the security space, develop IPS signatures, and map/reference the CVEs for all of these in our advisories and encyclopedia.Name: FortiGuardType: Vulnerability Compliance Management Service and Security Advisories Archive CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPFuJian RongJi Software Company, LtdWeb Site:www.rongji.com.cnQuote/Declaration: FuJian RongJi Software Company, Ltd., in association with the Institute of High Energy Physics, the Chinese Academy of Sciences, has developed the RJ-iTop Network Vulnerability Scanner System, which provides CVE Output and is CVE Searchable. In addition, its database is fully searchable by keyword or CVE name. We have made our product compatible with CVE so that administrators can easily differentiate which is the best product for them among the different security products.— C. Shanmao Lin, RongJi EnterpriseName: RJ-iTop Network Vulnerability Scanner SystemType: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPGFI Software Ltd.Web Site:www.gfi.comQuote/Declaration: GFI recognizes the importance of standards in a field which is encountering even bigger challenges, variation of attacks and abuses of IT systems. While searching for a standard which will allow us to adhere to as well as encourage our customers to refer to vulnerabilities in a particular format, we found a perfect synergy between our technology and CVE. We believe that such integration will provide a common ground for our customers and security administrators out there to share and unify experiences against these ever increasing threats.Name: GFI LANguard Network Security ScannerType: Network Vulnerability Assessment & Remediation Product CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPGlobantWeb Site:www.globant.comQuote/Declaration: Globant is pleased to support MITRE's initiative of standardizing vulnerability identification in our managed security services. The adoption of MITRE's CVE standard benefits users, community and vendors by providing a consistent and single way of identifying vulnerabilities across different products.Name: ATTAKAType: On Demand Vulnerability Management and Assessment Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPH3C Technologies Co., LimitedWeb Site:www.h3c.com.cnQuote/Declaration: H3C Technologies Co., Limited has made our IPS product compatible with CVE for the benefit of our customers and to support industry standards.Name: SecBlade IPSType: Intrusion Prevention System As A Network Switch Module CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecPath T Series IPSType: Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire 



Hangzhou DPtech Technologies Co., Ltd.Date Declared: March 23, 2011Web Site:www.diputech.comQuote/Declaration: Hangzhou DPtech Technologies Co., Ltd. is pleased to support MITRE on the CVE effort to standardize vulnerability identification not only for the security industry, but for our customers. DPtech IPS2000, our network-based intrusion prevention system, and DPtech Scanner1000, our network and application vulnerability assessment scanner, have incorporated CVE names to provide the most valuable information for our customers.Name: DPtech IPS2000Type: Network and Application Vulnerability Assessment CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: DPtech Scanner1000Type: Vulnerability Scanner System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPHigh-Tech Bridge SADate Declared: June 19, 2012Web Site:www.htbridge.comQuote/Declaration: At High-Tech Bridge we strongly believe that each vulnerability should have a CVE Identifier; this simplifies standardization and information exchange among security companies, researchers, and vendors.Name: High-Tech Bridge Security AdvisoriesType: Security Advisories CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPHuawei Technologies Co., Ltd.Date Declared: July 11, 2012Web Site:www.huawei.comQuote/Declaration: CVE compliance as a high priority requirement throughout Huawei security product/service development process helps our customers to easily get broader vulnerability/exploit information.Name: Huawei Network Intelligent Protection System (NIP)Type: Intrusion Prevention System (IPS) CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Huawei Network Intrustion Detection System (NIP D)Type: Intrusion Detection System (IDS) CVE Output: YesCVE Searchable: YesReview Completed Questionnaire  Last Updated: December 17, 2012BACK TO TOPIBMWeb Site:www.ibm.comQuote/Declaration: IBM actively promotes, supports, and contributes to the emerging open systems standards such as CVE that enable technology management software such as IBM Tivoli Risk Manager and IBM Tivoli Security Operations Manager, intrusion detection, vulnerability assessment, and security management components to inter-operate and share management information. We know that open system standards are a critical step in this direction. We support CVE as the first and the most complete naming convention for vulnerability mapping in the industry and we are committed to using CVE within our product in a tightly integrated fashion.Name: Rational AppScanType: Application Security Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPIBM Internet Security SystemsWeb Site:www.iss.netQuote/Declaration: The CVE naming standard developed by MITRE represents a significant leap forward for the information security industry and end user community. As a technology pioneer and leading provider of security management software and services, IBM Internet Security Systems is pleased to be a part of this important initiative as we move toward a standard that is crucial to the effective protection of every organization's critical digital assets.— Christopher Klaus, Founder and Chief Technology OfficerName: Internet ScannerType: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Proventia Enterprise ScannerType: Vulnerability Management Assessment System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Proventia Management SiteProtectorType: Security Management Platform CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: RealSecure Network 10/100Type: Network-Based IDS/IPS CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: RealSecure Network GigabitType: Network-Based IDS/IPS CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: RealSecure Server SensorType: Host-Based IDS/IPS CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: X-Force Alerts and AdvisoriesType: Alerts & Advisories Archive CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: X-Force DatabaseType: Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPInformation Risk Management PlcWeb Site:www.irmplc.comQuote/Declaration: IRM ensures that clients acquire and maintain the core elements of information security by providing product-independent, expert, and impartial consulting services to organisations wishing to examine and improve the security of their information assets. It is essential that open and standardised vulnerability descriptions and metrics integrate into IRM's methodology and output so that clients may be assured of a common reference to findings and recommendations. CVE provides such a mechanism and is vital in providing meaningful security threat results.Name: Security Risk AssessmentType: Security Risk Assessment Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPInformation-technology Promotion Agency, Japan (IPA)Web Site:www.ipa.go.jp/index-e.htmlQuote/Declaration: IPA is proud to incorporate CVE in our product line. Our main product, JVN iPedia is a vulnerability database that stores summary and countermeasure information on domestic and overseas software products used in Japan. JVN iPedia is equipped with search functions (Keyword, Product, CVSS, CVE, etc.) and RSS feeds, which provides the accumulated data in a comprehensive manner.Name: Filtered Vulnerability Countermeasure Information Tool (MyJVN)Type: Filtered Warnings Application CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Vulnerability Countermeasure Information Database (JVN iPedia)Type: Online Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPInfoSec Technologies Co., Ltd.Web Site:www.infosec.co.krName: TESS TMS (Threats Management System)Type: Intrusion Detection/Threat Management System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPJapan Computer Emergency Response Team Coordination Center (JPCERT/CC) and Information-technology Promotion Agency, Japan (IPA)Web Site:www.jpcert.or.jp/english/Quote/Declaration: Under the Information Security Early Warning Partnership in Japan, IPA receives private vulnerability reports and JPCERT/CC coordinates with developers to prepare patches or remedies. JVN provides infomation such as solution, vulnerability analysis by JPCERT/CC, and vender notes. JVN contains CVE information as well as vulnerability attribute information.Name: Japan Vulnerability Notes (JVN)Type: Vulnerability Information Portal Site CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPKingnet Security, Inc.Web Site:www.kingnet.bizQuote/Declaration: Kingnet Security plays a leading role in network security industry in China. We want our KIDS intrusion detection system to be compatible to the CVE standard so as to bring as much value to our customers as possible.Name: Kingnet Intrusion Detection System (KIDS)Type: Intrusion Detection System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPLANDesk Software Inc.Web Site:www.landesk.comQuote/Declaration: LANDesk Security and Patch manager supports the CVE naming standard, it's a simple and practical way to ensure that a vulnerability definition means the same thing to different people.Name: LANDesk Patch ManagerType: Patch Management System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: LANDesk Security SuiteType: Active Endpoint Security Management CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPLegendsec Technology Co. LtdWeb Site:www.legendsec.comQuote/Declaration: For the benefit of our customers, we believe it is important to be fully compatible with the international CVE standard.Name: Legendsec SecIDS 3600 Intrusion Detection SystemType: Intrusion Detection System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Legendsec SecIPS 3600 Intrusion Prevention SystemType: Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPLEXSIWeb Site:www.lexsi.comQuote/Declaration: The CSI service of laboratory LEXSI gathers applications and services offering a coherent and complete IT security watch solution to its subscribers. At the core of the CSI, ten experts supervise new security failures, carry out integrity tests, provide manual avoidance solutions, reference and enrich the Vulnerabilities Database. Compatibility between referred vulnerabilities and CVE dictionary provides to our subscribers and partners full interworking of our watch system with all third party products and services.Le service CSI du laboratoire LEXSI regroupe un ensemble d'applications et de services à même d'offrir à ses abonnés une solution cohérente et complète de veille en sécurité informatique. Au coeur du CSI, une dizaine d'experts surveille l'apparition de failles de sécurité, effectue des tests d'intégrité, élabore des solutions de contournement, référence et enrichit la Base de Vulnérabilités. La compatibilité entre les vulnérabilités référencées et le dictionnaire CVE offre à nos abonnés et partenaires l'interopérabilité totale de notre système de veille avec l'ensemble des services et produits tiers.Name: CSIType: Vulnerability Database and Notification Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPLumension Security, Inc.Web Site:www.lumension.comQuote/Declaration: Lumension Security (formerly PatchLink Corporation) is in the vulnerability management business and as such fully recognizes the value of using CVE names. All of our patches have CVE codes in them.Name: PatchLink ScanType: Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPMcAfee, Inc.Web Site:www.mcafee.comQuote/Declaration: Because of today's ever changing threats, and vulnerability data a consent must be had to properly identify each. In the malicious code area these naming conventions exist and are very beneficial. The MITRE CVE program provides a naming standard that can be relied on when there is confusion or no standards agreed upon providing a method by which system administrators and other users can search the Internet to get the information on the same vulnerability via various sources.— Carl Banzhof - Vice President and Chief Technology Evangelist, McAfeeName: McAfee Foundstone AppliancesType: Vulnerability Assessment Appliance CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: McAfee Policy AuditorType: Automated Vulnerability Remediation CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPMITRE CorporationWeb Site:www.mitre.orgQuote/Declaration: OVAL provides a common language for security experts to discuss the technical details of how to check for the presence of vulnerabilities and configuration issues on local systems. The results of the discussions are collaboratively developed XML vulnerability, patch, and compliance definitions that are based on a common OVAL Schema and perform the checks. CVE names are used as the basis for all OVAL vulnerability definitions currently collected on the OVAL Web site. For each CVE name, there are one or more OVAL vulnerability definitions that measure the presence of that vulnerability on an end system. OVAL vulnerability definitions on the OVAL Web site can be searched by CVE name, and vulnerability definitions called up for review include CVE names.— Pete Tasker, Executive Director, Security and Info Operations DivisionName: Open Vulnerability and Assessment Language (OVAL) Web siteType: Standard for Describing Vulnerability and Configuration Criteria CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPNational Institute of Standards and TechnologyWeb Site:csrc.nist.govQuote/Declaration: The National Vulnerability Database contains all CVE information as well as vulnerability attribute information (e.g. vulnerable version numbers), direct access to U.S. government vulnerability resources, and annotated links to industry resources. The underlying data in the database is provided license free via an XML feed.Name: National Vulnerability Database (NVD)Type: Online Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPnCircle Network Security, Inc.Web Site:www.ncircle.comQuote/Declaration: nCircle actively supports standardization efforts in the security market, including the CVE's common lexicon for the vulnerability namespace. As a member of the CVE editorial board, we are committed to ensuring nCircle's IP360 product continues to support CVE names and provides customers with an enterprise-class complete lifecycle approach to vulnerability management. Ultimately, this enables customer to find and eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage business risk.— Tim Keanini, CTOName: IP360 Vulnerability Management SystemType: Appliance-Based Enterprise-Class Vulnerability Management System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPNetClarityWeb Site:www.netclarity.netQuote/Declaration: NetClarity is a strong proponent of the CVE dictionary. The Auditor family of appliances automatically audit networks and reports those vulnerabilities discovered by our patent-pending vulnerability assessment engine. With CVE-specific information and remediation instructions, we enable our customers to better manage their risks, comply with regulations, and protect their assets.— Gary S. Miliefsky, CTO, CISSP, NetClarity, Inc.Name: NetClarity Analyst and Update ServiceType: Vulnerability Assessment Appliance and Update Service For Small Mobile Networks CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: NetClarity Auditor 128 and Update ServiceType: Vulnerability Assessment Appliance and Update Service For Small Mobile Networks CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: NetClarity Auditor Enterprise and Update ServiceType: Vulnerability Assessment Appliance and Update Service For Large Networks CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: NetClarity Auditor XL and Update ServiceType: Vulnerability Assessment Appliance and Update Service For Small to Medium Enterprises CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPNetcraft Ltd.Web Site:www.netcraft.comQuote/Declaration: Netcraft is pleased to be able to offer mappings between its vulnerability scanner and the CVE dictionary. We see CVE as an important security administration tool, linking our services to a wider variety of other security devices, services and sources of security information.Name: Audited by NetcraftType: Managed Vulnerability Scanning Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPnetVigilance, Inc.Web Site:www.netvigilance.comQuote/Declaration: The SecureScout line of vulnerability assessment solutions, fully supports CVE references; our speed and ease of use enable users to more efficiently verify CVE coverage.Name: SecureScout EagleBoxType: Network Scanning Appliance-Based Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecureScout NXType: Single User Network-Based Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecureScout PerimeterType: Web-Based, Internet-Side Vulnerability Assessment Service CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecureScout SPType: Enterprise Network-Based Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPNeusoft CorporationDate Declared: January 25, 2011Web Site:www.neusoft.comName: NISG-IPSType: Intrusion Prevention Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPNGSSecure, a Division of NCC Group UK PLCDate Declared: February 6, 2012Web Site:www.ngssoftware.comQuote/Declaration: Since its inception in 2001, NGSSoftware has always made great strides to ensure its software is compatible with the CVE initiative.Name: NGS SQuirreL for OracleType: Standalone Vulnerability Assessment Software Product CVE Output: YesCVE Searchable: YesReview Completed Questionnaire  Last Updated: November 28, 2012BACK TO TOPNileSOFT Ltd.Web Site:www.nilesoft.co.kr/eng/Quote/Declaration: NileSOFT is proud to incorporate CVE in our product line. Our main products, Secuguard SSE (Host based Vulnerability Assessment Tool), Secuguard NSE (Network based Vulnerability Assessment Tool), mySSE for Web (Online PC Vulnerability Assessment Service), and LogCOPS (Enterprise Log Analysis and Management System) will continue to maintain the latest version of CVE.Name: Secuguard NSE (Network Security Explorer)Type: Network based Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Secuguard SSE (System Security Explorer)Type: Host based Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPNSFocus Information Technology (Beijing) Co., Ltd.Web Site:www.nsfocus.comQuote/Declaration: CVE has made significant efforts to standardize the names for vulnerabilities, eliminate the potential gap in security coverage and provide easier interoperability among different security products. NSFocus strives to deliver customers the enhanced security by series of products with full support for the CVE standard.Name: AURORA RSASType: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: ICEYE NIDSType: Intrusion Detection System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: NSFOCUS Network Intrusion Prevention System (NIPS)Type: Network-Based Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: NSFOCUS Security Gateway (SG)Type: Firewall, IDS and Integrated Antivirus CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPOffensive SecurityDate Declared: November 16, 2010Web Site:www.offensive-security.comName: Exploit DatabaseType: Searchable Website CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPPacket StormDate Declared: October 20, 2011Web Site:packetstormsecurity.orgQuote/Declaration: Packet Storm Security, the Internet's largest free security web site housing tools, exploits, advisories, papers, and more, includes CVE names.Name: Packet Storm Security Web SiteType: Vulnerability, Tool, and Whitepaper Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPPositive Technologies CJSCDate Declared: September 30, 2010Web Site:ptsecurity.comName: MaxPatrolType: Vulnerabilities and Compliance Management System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPQualysWeb Site:www.qualys.comQuote/Declaration: Qualys is pleased to support MITRE's CVE Initiative of standardizing vulnerability identification and has incorporated the CVE naming scheme into its QualysGuard Web Services Architecture.— Wolfgang Kandek, CTO & Vice President of EngineeringName: QualysGuard ConsultantType: Network and Application Vulnerability Assessment Platform CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: QualysGuard ExpressType: Network and Application Vulnerability Assessment Platform CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: QualysGuard MSPType: Network and Application Vulnerability Assessment Platform CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: QualysGuard Vulnerability ManagementType: Network and Application Vulnerability Assessment Platform CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPRapid7 LLCWeb Site:www.rapid7.comQuote/Declaration: As a leader in both vulnerability management and penetration testing, Rapid7 appreciates MITRE's efforts to provide unique CVE Identifiers across both of these areas. This enables our customers to easily reference vulnerabilities and exploits across systems.Name: Metasploit ExpressType: Vulnerability Management and Penetration Testing CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Metasploit ProType: Vulnerability Management and Penetration Testing CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: NeXposeType: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPRed Hat, Inc.Web Site:www.redhat.comQuote/Declaration: It is often confusing when the same security issues get fixed by different vendors in different ways with different names and descriptions. We see the CVE Initiative as the way to solve this problem, giving the community accurate information on which they can base their security decisions. We are working with MITRE to contribute and validate new entries as well as publish CVE entries in our security advisories.— Mark Cox, Senior Director of EngineeringName: Red Hat Security AdvisoriesType: Advisory Capability CVE Output: YesCVE Searchable: YesReview Completed Questionnaire  Last Updated: October 24, 2012BACK TO TOPRSA ArcherWeb Site:www.archer.comQuote/Declaration: RSA Archer eGRC Solutions are knowledge management system for the collection, management and distribution of critical security content such as vulnerabilities, technical baselines, control standards and information security policies as they relate to specific risk that IT assets face within the enterprise. The RSA Archer eGRC Solutions suite strongly supports the CVE standard, which greatly assists in our integration with other security products and vendors. The CVE mapping enables our clients to intelligently analyze, cross reference and search vulnerabilities that affect their organization.Name: RSA Archer Threat ManagementType: Threat Management CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPRsamDate Declared: February 7, 2011Web Site:www.rsam.comQuote/Declaration: Rsam's Enterprise GRC platform has integrated CVE throughout all vulnerability management and assessment modules. Since 2005, customers have utilized Rsam and CVE to declare, search, and reporting on common vulnerabilities, and to harmonize common vulnerability data across disparate data sources.Name: RsamType: Enterprise Governance, Risk and Compliance (EGRC) Platform CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSAINT CorporationWeb Site:www.saintcorporation.comQuote/Declaration: SAINT, WebSAINT, and SAINTbox vulnerability reports and tutorials include relevant CVE links, providing the user with easy reference to related information and a basis for determining the extent of each product's capabilities. SAINTmanager vulnerability reports and tutorials include relevant CVE links, providing the user with easy reference to related information and a basis for determining the extent of SAINTmanager's capabilities. SAINT, WebSAINT, and SAINTbox are also CVE searchable with a CVE cross-reference that maps the CVE entries to the SAINT tutorials, while SAINTmanager is CVE searchable with a CVE cross-reference that maps the CVE entries to the corresponding SAINTmanager vulnerability IDs. We will continue to keep all SAINT products updated with the latest CVE numbers as they become available.Name: SAINTboxType: Network Vulnerability Scanning Appliance CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SAINTmanagerType: Network Vulnerability Assessment Management Console CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Security Administrator's Integrated Network Tool (SAINT)Type: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: WebSAINTType: Web-based Vulnerability Scanning Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSangfor Technologies Co., Ltd.Date Declared: February 6, 2012Web Site:www.sangfor.com.cnQuote/Declaration: Sangfor Technologies Co., Ltd. is a leading network security company in China. We fully support MITRE's CVE standard in our security products, which allows our security research and product development teams to focus on adding value for our customers and enables our customers to easily reference vulnerabilities information.Name: Next Generation Application Firewall (NGAF)Type: Next Generation Application Firewall CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSECUI.COM CorporationDate Declared: June 22, 2011Web Site:www.secui.com/english/?homeQuote/Declaration: With the increasing number of vulnerabilities in various areas, it is worthwhile to define a common vulnerability naming and enumerating standard such as CVE List. By providing this information to our customers through our product, they can quickly and accurately identify vulnerabilities. Especially, customers can cross-link the information with other CVE-Compatible products and services.Name: SECUI SCANType: Vulnerability Assessment Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSecuniaWeb Site:www.secunia.comQuote/Declaration: Secunia constantly monitors and reviews CVE entries to ensure that these are appropriately and accurately matched with the verified Secunia Vulnerability Intelligence provided in our Advisories, Secunia PSI, Secunia CSI, Secunia OSI, Secunia VIM, and on our Web site.Name: Secunia VIM (Vulnerability Intelligence Manager)Type: Vulnerability Intelligence, Alerting, Management, and Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Secunia WebsiteType: Vulnerability Database and Security Advisory Archive CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSecure Elements, IncorporatedWeb Site:www.secure-elements.comQuote/Declaration: C5 EVM combines vulnerability information from a myriad of sources to provide the most complete coverage possible for our customers. By relying on CVE, C5 EVM seamlessly integrates the information, providing our customers the highest level of protection available.— Dan Bezilla, CTOName: C5 Enterprise Vulnerability Management (EVM) SuiteType: Automated Vulnerability Remediation CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSecureInfo CorporationWeb Site:www.secureinfo.comQuote/Declaration: SecureInfo RMS, award-winning certification and accreditation software, is CVE-compatible. Supporting CVE is an important part of our vision in providing continuous monitoring capabilities in support of FISMA and our customer's information security programs.— Roberto R. Garcia, V.P. Product EngineeringName: Risk Management System (RMS)Type: Compliance Framework Tool CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSecurity-DatabaseWeb Site:www.security-database.comQuote/Declaration: Security Database uses the publicly known vulnerabilities identified in the CVE List as the basis for most of the queries. All data are relayed in realtime.Name: Security Database WebsiteType: Web site services CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSilicomp-AQLWeb Site:www.itlabs.fr.orange-business.com/Quote/Declaration: CVE compatibility ensures that administrators can easily use different security products in order to find additional information they need.Name: Vigil@nceType: Online Vulnerability Database (French) CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSkybox Security Inc.Web Site:www.skyboxsecurity.comQuote/Declaration: Skybox Security supports standards such as CVE that promote interoperability of security products. Skybox View, our exposure risk management solution, uses CVE names in its vulnerability dictionary and cross-references these to vulnerabilities imported by all vulnerability scanners such as Nessus, eEye Retina, ISS Internet Scanner, Qualys, and other market leaders. By running attack simulations against a virtual model of the network, Skybox View reveals vulnerabilities, based on CVE names, that are truly critical because they lie along an attack path to critical business applications. The CVE Initiative allows security professionals to understand risks and exposures in terms that can be cross-referenced to other security products - a growing necessity as more and more solutions automate the risk management process.Name: Skybox ViewType: Exposure Risk Management Solution CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSoftware in the Public Interest, Inc.Web Site:www.spi-inc.orgQuote/Declaration: Debian developers understand the need to provide accurate and up-to-date information of the security status of the Debian distribution, allowing users to manage the risk associated with new security vulnerabilities. CVE enables us to provide standardized references that allow users to develop a CVE-enabled security management process.Name: Debian Security AdvisoriesType: Advisories CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPSymantec CorporationWeb Site:www.symantec.comQuote/Declaration: Symantec maintains one of the largest vulnerability databases available today. Consisting of over 9000 distinct vulnerability records, we have strived to maintain CVE compliance from the outset of the CVE Initiative.Symantec fully supports an industry-wide standard for the indexing of vulnerabilities. Our public web sites (SecurityFocus and SecurityResponse), and our commercial alerting services (DeepSight Alert Services) fully conform to the CVE requirements. This allows our customers to search for, and research vulnerabilities and blended threats using this common nomenclature. Symantec's wide range of security products utilize the industry-leading vulnerability database and employ trusted, fast and automated response capabilities to identify threats identified by CVE.Name: DeepSight Alert ServicesType: Vulnerability Alerting Service and Database CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecurityFocus Vulnerability DatabaseType: Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPTenable Network Security Inc.Web Site:www.tenablesecurity.comQuote/Declaration: Tenable Network Security utilizes the CVE program to reference each of the vulnerabilities detected by Nessus and the Passive Vulnerability Scanner. This information is also heavily used through SecurityCenter for reporting, education, IDS event correlation and linking with third-party security information.Name: Nessus Security ScannerType: Vulnerability and Compliance Scanner CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Passive Vulnerability ScannerType: Passive Network Monitor CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: Security CenterType: Enterprise Security Management System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPThreatGuard, Inc.Web Site:www.ThreatGuard.comQuote/Declaration: Recognizing the importance of common indexing of known vulnerabilities, ThreatGuard has included CVE references in ThreatGuard VMS and ThreatGuard Traveler. These references are seamlessly integrated with the ThreatGuard Navigator client application, reports, and search engine. As we release new vulnerability tests, it is among ThreatGuard's top priorities to ensure CVE referencing is included and accurate, extending the efforts of the CVE initiative.Name: ThreatGuard TravelerType: Continuous Security Auditing and Compliance Management for Service Providers CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: ThreatGuard Vulnerability Management SystemType: Continuous Security Auditing and Compliance Management CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPTippingPoint TechnologiesWeb Site:www.tippingpoint.comQuote/Declaration: TippingPoint is in the business of simplifying security. We are a strong proponent of MITRE's CVE standards initiative.Name: TippingPoint Intrusion Prevention System (IPS)Type: Network-Based Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPTMC y CiaWeb Site:www.tmcycia.comQuote/Declaration: We have aligned our service/appliance FAV with the CVE vulnerabilities standard for the benefit of our customers.Name: FAV - Falcon Vulnerabilities AnalysisType: Vulnerability Analysis Service/Appliance CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPTrend Micro, Inc.Web Site:www.trendmicro.comName: Trend Micro Vulnerability AssessmentType: Vulnerability Assessment Product with Virus Info Association CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPTrustSignDate Declared: December 28, 2011Web Site:www.trustsign.com.brQuote/Declaration: TrustSign is a certificate authority and a security company that works to identify and correct common vulnerabilities in enterprise networks and service providers. We believe that it is important to our services and clients to be a fully compatible with the CVE standard.Name: Selos de SegurancaType: Vulnerability Assessment and Remediation Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPTrustwaveWeb Site:www.trustwave.comName: TrustKeeperType: Vulnerability Scanning Service CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPWinsTechnet.co., Ltd.Web Site:www.wins21.co.krQuote/Declaration: WinsTechnet.co., Ltd. is pleased to support MITRE on the CVE effort to standardize vulnerability identification not only for the security industry, but for our customers. SNIPER IPS, our network-based intrusion prevention system, and SecureCast, our vulnerability database, have incorporated CVE names to provide the most valuable information for our customers.Name: SNIPER IPSType: Network-Based Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: SecureCASTType: Vulnerability Database CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOPXi'an Jiaotong University Jump Network Technology Co., Ltd.Web Site:www.jump.net.cnQuote/Declaration: We have incorporated CVE to improve the quality of our product.Name: Jump NVASType: Network Vulnerability Assessment System (NVAS) CVE Output: YesCVE Searchable: YesReview Completed QuestionnaireName: JumpIPSType: Intrusion Prevention System CVE Output: YesCVE Searchable: YesReview Completed Questionnaire BACK TO TOP

Under Review

Product (8)Organization (8)TypeCountry (6)StatusBlue Lane PatchPoint SystemBlue Lane Technologies Inc.Inline Security Patch ProxyUnited StatesCVE COMPATIBILITY QUESTIONNAIRE POSTEDCert-IST Knowledge BaseCert-ISTVulnerability DatabaseFranceCVE COMPATIBILITY QUESTIONNAIRE POSTEDInciter Vulnerability ManagerSoftRun, Inc.Vulnerability Assessment ToolKoreaCVE COMPATIBILITY QUESTIONNAIRE POSTEDLog RadarTecForte Sdn BhdSecurity Information Management (SIM) SoftwareMalaysiaCVE COMPATIBILITY QUESTIONNAIRE POSTEDnFX Open Security Platform (nFX OSP)netForensics, Inc.Security Information ManagementUnited StatesCVE COMPATIBILITY QUESTIONNAIRE POSTEDPatchAdvisor Alert!PatchAdvisor, Inc.Patch Management Vulnerability Notification Service and DatabaseUnited StatesCVE COMPATIBILITY QUESTIONNAIRE POSTEDSecurity Announcement Service RUS-CERTRUS-CERT University of StuttgartSecurity Announcement Information ServiceGermanyCVE COMPATIBILITY QUESTIONNAIRE POSTEDSecurityAlertSecurityReasonSecurity Advisories, Database, and ArchivePolandCVE COMPATIBILITY QUESTIONNAIRE POSTEDBACK TO TOP 










★★★★














★★★★


No comments:

Post a Comment