Mastodawn

CWE Program Jul 16, 2025

Listen to Alexander Bushkin & Jeremy West of #RedHat discuss “How Do We Leverage CVE Root Cause Mapping and CWE Data to Prevent New Vulnerabilities?” in this video from #VULNCON25

https://youtu.be/5bRA2Qxqzd0 #CVE #CWE

CWE Program Jul 2, 2025

Hear how the CVE Numbering Authority (#CNA) community is enhancing #CVE Records with Root Cause Mapping (RCM) of their CVEs to #CWEs, RCM challenges & practical solutions, & how an LLM can help in this video from #VULNCON25

https://youtu.be/TH1tGO15K24

CWE Program Jun 19, 2025

Learn about CWE’s most important problems and where they fit within the challenges faced by the broader #vulnerabilitymanagement / #softwaresecurity ecosystem in this video from #VULNCON25

https://youtu.be/RcR-EFSptnQ #CVE #CWE

FIRST.org Apr 30, 2025

Thank you Brittany Day, Linux Security for your insightful coverage of #VulnCon25!

This article highlights critical developments in vulnerability management including metadata improvements, supply chain security measures, EU Cyber Resilience Act impacts and emerging security baseline standards.

Key Trends & Takeaways from VulnCon 2025

VulnCon 2025, recently held in Raleigh, NC, created a dynamic stage for security professionals and open-source advocates to connect, share, and...

Linux Security

Show thread

Carlos Mogas da Silva Apr 24, 2025

@bagder there was actually some conversations about what you talk about CVSS scores at #vulncon25. Nothing specific, but it was talked about as a weakness too.

FIRST.org Apr 15, 2025

Thank you Kevin Poireault, Infosecurity Magazine for covering #VulnCon25!

The article provides valuable insights into the NVD updates shared by NIST at the event.

It's encouraging to see the progress being made with improved processing rates and exploration of new automation approaches to address the scale of existing and emerging CVEs.

Read the full article to learn about NVD's latest initiatives including their gap-filling strategy, AI-powered tools and other improvements to their #VulnerabilityManagement infrastructure: https://go.first.org/bP57I

#cybersecurity

NVD Revamps Operations as Vulnerability Reporting Surges

The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog

Infosecurity Magazine

CWE Program Apr 15, 2025

Thank you so much to everyone who attended the #CWE talks at the #VulnCon25 conference!!!

We’re already looking forward to next year’s event!

#CVE #FIRST https://cwe.mitre.org

CWE - Common Weakness Enumeration

Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.

CVE Program Apr 15, 2025

Thank you so much to everyone who participated in our #VulnCon25 conference!!!!

The event was a huge success with many excellent talks & collaboration. We’re already looking forward to next year’s event!

#VulnerabilityManagement #Vulnerability #CVE #FIRST

FIRST.org Apr 11, 2025

The final day of #VulnCon25 has been extraordinary. Standout moments included:

- CISA and NIST Collaboration: Talks on "Managing Coordinated Disclosures" and "Software Identity in the Vulnerability Management Ecosystem" highlighted best practices and the evolving role of identity in securing systems
- FedRAMP Insights: Sessions explored compliance strategies and emerging regulations, connecting security with operational requirements
- Resolution Revolution: Adobe demonstrated how to streamline security ticket resolution by leveraging AI and integrating knowledge from company, product, and expert insights
- AI Vulnerabilities Unpacked: Workshops like "Identifying and Assigning AI Model Vulnerabilities" addressed challenges in securing AI systems, offering actionable solutions

As we conclude this event, we thank all speakers, attendees, and organizers for making this gathering a success!

#cybersecurity #infosec