This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
09/17/2020
The History of Common Vulnerabilities and Exposures (CVE)
The State of Security
During the late 1990s, security professionals were using information assurance tools in concert with vulnerability scanners to detect and remove vulnerabilities from the systems for which they are responsible.
There’s just one problem – each security vendor has its own database with little to no crossover. Each vendor’s tool generates its own alert for detected vulnerabilities, and these alerts must be manually cross-referenced between the tools to determine if they are separate issues or multiple alerts for the same issue.
This is the scenario which spawned the Common Vulnerability and Exposures, or CVE, List. In January 1999, David E. Mann and Steven M. Christey of The MITRE Corporation published “Towards a Common Enumeration of Vulnerabilities” at a workshop at Purdue University.
In addition to wanting to know if multiple tools had identified the same vulnerability or not, Mann and Christey had a desire to compare the breadth and depth of coverage provided by each tool. To facilitate these needs, their whitepaper proposed creating a unified vulnerability and exposure reference list that could be used across participating assessment/IDS tools: the CVE List.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more informationResources
Your electronic library to help in fighting financial fraud for all of our partners.
more information