TEL AVIV, Israel, Sept. 10, 2024 /PRNewswire/ — Seal Security, a leading provider of open source vulnerability and patch management solutions, has been authorized by the Common Vulnerabilities and Exposures (CVE®) Program as a CVE Numbering Authority (CNA).
As a CNA, Seal Security will collaborate closely with open source communities to enhance security awareness by responsibly vetting, documenting, and disclosing vulnerabilities through the creation and assignment of CVE Records. These records are then published to the CVE List, a centralized database that serves as a critical resource for cybersecurity professionals worldwide.
By leveraging CVE Records, security teams can quickly identify, assess, and mitigate potential threats, thereby strengthening their organizations’ overall security posture against emerging cyber risks.
“Becoming an authorized CVE Numbering Authority reinforces Seal Security’s commitment to helping organizations maintain robust security,” said Itamar Sher, CEO of Seal Security. “Beyond publishing CVE Records to provide consistent descriptions of vulnerabilities, we aim to help organizations secure these open source vulnerabilities, positively impact the open source security community, and ultimately keep our customers safe, secure, and productive.”
In addition to creating and assigning CVE Records, Seal Security proactively leverages the CVE List to identify and remediate open source vulnerabilities. By providing standalone security patches, we ensure seamless and predictable fixes for vulnerabilities in both application code and images.
Currently, Seal Security’s repository offers over 300 cryptographically signed, sealed packages with 2,500+ unique patches across seven programming languages: Python, Go, C# (.Net), JavaScript, Java, C, and C++. The solution also supports patching base container and virtual machine images based on RHEL, CentOS, and Fedora.
About the CVE Program The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
About Seal SecuritySeal Security is redefining open source vulnerability remediation by providing standalone security patches that ensure seamless and predictable fixes for vulnerabilities in both application code and images. By backporting security fixes and creating fully compatible versions of open source packages, Seal enables security teams to apply patches independently of R&D involvement. This approach decouples security fixes from feature upgrades, centralizes the replacement of all vulnerable package instances across all CI pipelines, and automates and scales the vulnerability remediation processes.
Our solution is trusted by several organizations, including Fortune 100 companies and some of the largest software vendors. To learn more visit seal.security
ContactsJudith Wahnon
[email protected]
SOURCE Seal Security
