From: CVE Announce List (cvemitre.org)
Date: Fri Feb 03 2006 - 15:20:24 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Welcome to the latest edition of the CVE-Announce e-newsletter. This
email newsletter is designed to bring recent news about CVE, such as new
versions, upcoming conferences, new Web site features, etc. right to
your emailbox. Common Vulnerabilities and Exposures (CVE) is the
standard for information security vulnerability names. CVE content
results from the collaborative efforts of the CVE Editorial Board, which
is comprised of leading representatives from the information security
community. Details on subscribing (and unsubscribing) to the email
newsletter are at the end. Please feel free to pass this newsletter on
to interested colleagues.

Comments: cvemitre.org

-------------------------------------------------------
CVE-Announce e-newsletter/February 3, 2006
-------------------------------------------------------

Contents:

1. Feature Story
2. UPCOMING EVENT
3. Hot Topic
4. Also in this Issue
5. Details/Credits + Subscribing and Unsubscribing

FEATURE STORY:

Two Organizations Make Declarations of CVE Compatibility

Openware declared that its on demand vulnerability management and
assessment service, ATTAKA, will be CVE-compatible and Imperfect
Networks declared that its vulnerability assessment appliance and
database, ThreatEx, will be CVE-compatible.

"CVE-compatible" means that a product or service uses CVE names in a way
that allows it to cross-link with other repositories that also use CVE
names, as documented in the CVE compatibility requirements. Each item
listed on the CVE Web site includes a link to the organization's
homepage, the product or service name, type of product, link to the
product homepage, and a notation of the specific point in the CVE
Compatibility Process each product or service has reached. Many
organizations have multiple products and services listed. For additional
usability, they are also listed by product type, product name,
organization, and country. Product types include vulnerability
databases; security archives and advisories; vulnerability assessment
and remediation; intrusion detection, management, monitoring, and
response; incident management; data and event correlation; educational
materials; and firewalls.

To date, 56 network security products or services from 34 organizations
from industry, government, and academia organizations worldwide have
been awarded the CVE-Compatible logo and are registered as "Officially
CVE-Compatible," while another 143 organizations have declared that
their 236 products are or will be compatible. Visit the CVE-Compatible
Products and Services page to find out more about these and other
compatible products and services.

LINKS:

Openware - http://www.openware.biz

Imperfect Networks - http://www.imperfectnetworks.com

CVE Compatibility Requirements -
http://cve.mitre.org/compatible/requirements.html

CVE Compatibility Process - http://cve.mitre.org/compatible/process.html

CVE-Compatible Products and Services - http://cve.mitre.org/compatible/

-------------------------------------------------------------UPCOMING
EVENT:

CVE to Host Booth at 'RSA Conference 2006,' February 13-17

MITRE is scheduled to host a CVE/OVAL/CME exhibitor booth at "RSA
Conference 2006" on February 13-17, 2006 at the McEnery Convention
Center, in San Jose, California, USA. The RSA conference provides a
forum for information security professionals and visionaries to
"exchange and collaborate in a dynamic, authoritative setting." The
event will introduce CVE, OVAL (oval.mitre.org), and CME (cme.mitre.org)
to security professionals from industry, government, and academia from
around the world.

Organizations with CVE-Compatible Products and Services will also be
exhibiting. Please stop by Booth 1743, or any of these booths, and say
hello.

LINKS:

RSA 2006 - http://2006.rsaconference.com/us/

CVE-Compatible Products and Services - http://cve.mitre.org/compatible/

CVE Calendar - http://cve.mitre.org/news/calendar.html

-------------------------------------------------------------
HOT TOPIC:

CVE Announces Initial 'Calendar of Events' for 2006

The CVE Initiative has announced its initial calendar of events for the
first half of 2006. Details regarding MITRE's scheduled participation at
these events are noted on the CVE Calendar page. Each listing includes
the event name with URL, date of the event, location, and a description
of our activity at the event.

* "Homeland Security for Networked Industries (HSNI) 2006 Conference &
   Expo," January 9-11, 2006

* "DOD IA Conference Workshop," January 30 - February 1, 2006

* "RSA Conference 2006," February 13-17, 2006

* "MISTI's InfoSec World 2006 Conference & Expo," April 3-4, 2006

Other events will be added throughout the year. Visit the CVE Calendar
for information or contact cvemitre.org to have CVE present a briefing
or participate in a panel discussion about CVE, OVAL, CME, and/or other
vulnerability management topics at your event.

LINK:

CVE Calendar - http://cve.mitre.org/news/calendar.html

-------------------------------------------------------------
ALSO IN THIS ISSUE:

* CVE Hosts Booth at "IA Conference Workshop," January 30 - February 1

* CVE Hosts Booth/Participates on Discussion Panel at "Homeland Security
   for Networked Industries 2006 Conference & Expo"

* CVE Presents Briefing at InfraGard Meeting

* 714 CVE Names with Candidate Status Added to CVE List in December

* Photographs from Recent CVE Exhibitor Booths

Read these stories and more news at http://cve.mitre.org/news

---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing

Managing Editor: Steve Christey, Information Security Technical Center.
Writer: Bob Roberge. The MITRE Corporation (www.mitre.org) maintains CVE
and provides impartial technical guidance to the CVE Editorial Board on
all matters related to ongoing development of CVE.

To unsubscribe from the CVE-Announce e-newsletter, open a new email
message and copy the following text to the BODY of the message "SIGNOFF
CVE-Announce-list", then send the message to: listservlists.mitre.org.
To subscribe, send an email message to listservlists.mitre.org with the
following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".

Copyright 2006, The MITRE Corporation. CVE and the CVE logo are
registered trademarks of The MITRE Corporation.

For more information about CVE, visit the CVE Web site at
http://cve.mitre.org or send an email to cvemitre.org.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]