Ribose authorized as CVE Numbering Authority (CNA) by the CVE Program

The Ribose CNA issues authoritative CVE information for Ribose products and services

Ribose has been authorized by the Common Vulnerabilities and Exposures (CVE^®) Program as a CVE Numbering Authority (CNA), allowing it to publish authoritative cybersecurity vulnerability information of its products and services into the CVE List that feeds into the U.S. National Vulnerability Database (NVD).

CVE is an international, community-based effort that relies on discovery of vulnerabilities by the community and the subsequent assignment and publication of those vulnerabilities by CNAs in the publicly accessible CVE List. CNAs are responsible for publishing authoritative vulnerability information to allow information technology and cybersecurity professionals to prioritize and address vulnerabilities.

Ribose’s CNA is registered under the MITRE CNA root organization, with a scope of responsibility covering assignment of CVE numbers and publication of vulnerability information for all its proprietary as well as open-source products and services. The Ribose CNA website is now accessible at https://open.ribose.com.

“Ribose has long demonstrated its commitment to cybersecurity through our responsible disclosure program. Under the governance of the CVE Board, the Ribose CNA is now able to assign CVE identifiers for vulnerabilities discovered on our products and services, allowing us to communicate important cybersecurity information with our users as early as possible in a responsible and consistent manner,” said Ronald Tse, founder of Ribose. “With users increasingly relying on our products and services for mission critical usage, we are excited to strengthen our cybersecurity commitment by joining the CVE Program as a CVE Numbering Authority.”

About Ribose

Ribose creates asymmetric security^™ and standardization technologies trusted by industries with heightened cybersecurity needs. Having pioneered the comprehensive approach to verifiable cybersecurity, Ribose is a Deloitte Technology FAST 20 and Red Herring Top 100 Global company, and received the CSA APAC Enterprise Award and several Stevie^® Awards for its innovations.

Ribose is the first cloud service provider to achieve certification to the CSA CCM 4.0 and to achieve the highest security tiers in NIST CSF and MTCS. It is also certified to ISO 9001, ISO 14001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27701, ISO 45001 and BS 202000.

Learn more at: ribose.com.

About the CVE Program

The mission of the Common Vulnerabilities and Exposures (CVE^®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. CVE is sponsored by U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). CVE and the CVE logo are registered trademarks of The MITRE Corporation.

Learn more at: cve.org.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230425005036/en/

Under the governance of the CVE Board, the Ribose CNA is now able to assign CVE identifiers for vulnerabilities discovered on our products and services, allowing us to communicate important cybersecurity information with our users.