Can a Global, Decentralized System Save CVE Data?

The NVD has struggled to keep up with the growing volume of CVE vulnerability disclosures, leading to backlogs and delays in data enrichment due to limited funding and staffing. Centralized management by U.S. entities such as NIST and MITRE creates a single point of failure, as a 2024 funding crisis highlighted. Security experts like Jerry Gamblin propose a decentralized system in which regional and industry leaders share responsibility and introduce redundancy, such as through the EUVD. The idea calls for globally standardized, uniquely identified records and broad industry participation, but remains an early-stage concept seeking engagement and feedback from the broader security community.

https://www.darkreading.com/cybersecurity-operations/can-global-decentralized-system-save-cve-data

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top