This paper discusses the CVE Initiative, an international, community-based effort from industry, government, and academia for finding and fixing of software product vulnerabilities.
Developing on the Net: Dealing with Software Vulnerabilities
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
This paper discusses the CVE Initiative, an international, community-based effort from industry, government, and academia, that is creating an organizing mechanism that will make the finding and fixing of software product vulnerabilities more rapid, predictable, and efficient. The opportunities that this initiative is creating for software developers, security practitioners, and systems owners in their systems and products and for their customers will be explored. Readers will leave with an understanding of how the CVE Initiative is helping enterprise security management become more predictable, structured, and effective as a result of CVE enabled information security products, services, and methodologies. AFCEA Federal Database Colloquium & Exposition, August 30, 2001.