The Fall of the National Vulnerability Database

Since its inception, three key factors have affected the NVD's ability to classify security concerns -- and what we're experiencing now is the result.

Dark Reading, Staff & Contributors

May 23, 2024


In the realm of cybersecurity, understanding your biggest vulnerabilities is essential. The National Institute of Standards and Technology (NIST) initially established the National Vulnerability Database (NVD) to provide a centralized hub for cybersecurity vulnerability intelligence -- but did so under the assumption of rational actors making rational decisions and coming to rational conclusions. 

While it was never meant to be the end-all-be-all solution, the NVD currently is the most widely used software vulnerability database in the world, with many scanners, analysts, and vendors depending on it daily to determine what software has been affected by a vulnerability. Yet, it recently was revealed that NIST has not enriched vulnerabilities listed in the NVD since Feb. 12 -- meaning anyone relying on these reports potentially has been at risk for months.

While it seems abrupt on the surface, this disruption is actually a systemic issue that has evolved over time. Since its inception nearly 25 years ago, three key factors have impacted the NVD's ability to sufficiently classify security concerns that help the industry prioritize vulnerabilities -- and what we're experiencing now is the result. 

Read the Full Article on Dark Reading
