Go back

VulnCheck Named CVE Numbering Authority for Common Vulnerabilities and Exposures

Anthony Bettini

On the Heels of Accreditation, Company Launches Advisories Program to Simplify How Researchers Share Vulnerabilities with Vendors

LEXINGTON, Mass. - April 12, 2023 - VulnCheck, the vulnerability intelligence company, today announced it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). The company also announced the launch of VulnCheck Advisories, a program designed to simplify how security researchers share vulnerabilities with vendors.

The CVE Program is sponsored by the U.S. Department of Homeland Security and Cybersecurity and Infrastructure Security Agency, with a mission to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. As a CNA, VulnCheck joins an elite group of over 280 partners in 36 countries authorized to assign CVE identification numbers to vulnerabilities and publish additional details in the associated CVE record.

Our company offers the most comprehensive, real-time vulnerability, threat and exploit intelligence available on the market today, partnering with the CVE Program to put that data to use is the latest step we’re taking to help security teams fight back against the growing tide of vulnerabilities they face each day.

Anthony Bettini
Founder at VulnCheck

In conjunction with the accreditation, the company also launched VulnCheck Advisories, a program designed to remove friction between researchers who identify and report vulnerabilities and the organizations that acknowledge and fix the flaws. The program enables researchers to share newly discovered vulnerabilities directly with VulnCheck. The intelligence company then takes over the submission process to the vendor and guarantees the vulnerability is published within 120 days, whether fixed or not.

A lot of the time, researchers are at a disadvantage, programs that buy vulnerabilities can be cumbersome and rife with restrictions. In addition, if researchers choose to work directly with a vendor, they can often spend months just trying to get the company to acknowledge their report. With our program, researchers can submit their findings to VulnCheck and let the process run its course without all the hassle.

Anthony Bettini
Founder at VulnCheck

The news comes just months after the company raised a $3.2 million seed round to increase hiring, bolster product development and help large enterprises, government agencies and cybersecurity solutions providers outpace adversaries by solving the vulnerability prioritization challenge.

To learn more about VulnCheck and the Advisories program, visit https://vulncheck.com/advisories.

About VulnCheck

VulnCheck is the vulnerability intelligence company helping enterprises, government organizations, and cybersecurity vendors solve the vulnerability prioritization challenge. Trusted by some of the world's largest organizations responsible for protecting hundreds of millions of systems and people, VulnCheck helps organizations outpace adversaries by providing the most comprehensive, real-time vulnerability intelligence that is autonomously correlated with unique, proprietary exploit and threat intelligence. Follow the company on LinkedIn. To learn more about VulnCheck, visit https://vulncheck.com/.