Print Friendly, PDF & Email

CERT-In authorized as CVE Numbering Authority (CNA)
Source : PIB

GS III : Economy

What is discussed under CERT-In authorized as CVE Numbering Authority (CNA) ?

  1. About the Order
  2. How it helps
  3. Indian Computer Emergency Response Team ( CERT-In)

Why in News ?

Indian Computer Emergency Response Team ( CERT-In) has been undertaking responsible vulnerability disclosure and coordination for vulnerabilities reported to CERT-In in accordance to its vulnerability coordination role as a National CERT since its inception.

Key Facts

  • To move a step further in the direction to strengthen trust in “Make in India” as well as to nurture responsible vulnerability research in the country, CERT-In has partnered with the Common Vulnerabilities and Exposures (CVE) Program.
  • In this regard, Indian Computer Emergency Response Team (CERT-In) has been authorized by the CVE Program, as a CVE Numbering Authority (CNA) for vulnerabilities impacting all products designed, developed and manufactured in India.
About CVE

  • CVE is an international, community-based effort and relies on the community to discover vulnerabilities.

    CERT-In authorized as CVE Numbering Authority (CNA)
    Image by Pexels from Pixabay
  • The vulnerabilities are discovered then assigned and published to the CVE List.
  • Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
  • The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
  • It is an international, community-based effort and relies on the community to discover vulnerabilities.
  • The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program.
  • Partners publish CVE Records to communicate consistent descriptions of vulnerabilities.
About CNA

  • CNAs are organizations responsible for the regular assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the Vulnerability in the associated CVE Record.
  • The CVE List is built by CVE Numbering Authorities (CNAs). Every CVE Record added to the list is assigned by a CNA.
  • The CVE Records published in the catalog enable program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks.
  • Each CNA has a specific Scope of responsibility for vulnerability identification and publishing.
About Indian Computer Emergency Response Team ( CERT-In)

  • CERT-In is a national nodal agency under Ministry of Electronics and Information Technology, Government of India, with the objective of securing Indian cyber space.
  • CERT-In is collaborating with overseas Computer Emergency Response Teams (CERTs) for incident response and resolution.

Daily Current Affairs : Click Here

Contact US

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x