Members of CVE Board in Attendance
Patrick Emsweller, Cisco Systems, Inc.
Kent Landfield, McAfee
Scott Moore, IBM
Lisa Olson, Microsoft
Kathleen Noble, Intel
David Waltermire, National Institute of Standards and Technology (NIST)
Ken Williams, Broadcom Inc.
Members of MITRE CVE Team in Attendance
2:15 – 3:00: Working Groups
3:00 – 3:30: Root CNA Update
3:35 - 3:40: Schedule interview for nomination
3:40 - 3:50: CNA Report Card Q1’20
3:50 – 3:55: Open Discussion
§ Planning underway for virtual outreach opportunities during COVID-19.
o Quality Working Group (QWG): Dave Waltermire/Jonathan Evans
– AWG meeting held on April 28, 2020:
§ AWG meetings moved to every Tuesday at 4:00pm ET so the SPWG meeting can occur first on Monday for post sprint reviews and pre-sprint discussions.
§ Ongoing efforts to develop the AWG services:
§ Posting on GitHub: All the pre-sprint analysis, post sprint analysis, and other AWG artifacts will be available for AWG members to review and reference.
§ CVE Web form updates reflect 40% of CVE information coming to the program. We need a clear plan for existing CNAs so they can migrate their functionality and encourage them to use JSON format, instead of CVE webform.
§ Received two CNA requests since the last CVE Board meeting (held on 4/15/20).
§ Three onboarding sessions since the last CVE Board meeting.
§ One CNA onboarding sessions scheduled.
§ Two CNA announcements since last CVE Board meeting: CERT@VDE and Silver Peak
§ There are now 120 CNAs participating in the program in 21 countries
§ 96 in total CNA pipeline: 16 in Q3’19; 17 in Q4’19; 24 in Q1’20 and 7 in Q2’20
§ Six pending CNA announcements.
– CNA missing disclosure policies and/or advisory locations underway
§ We have emailed CNAs that are missing disclosures policies and/or advisory locations. We have received 8 responses so far and around 18 are missing one of the two requirements.
§ JPCERT - Jonathan Evans
o CNA Status Updates:
MITRE Voting – Chris Levendis
Schedule interview for nomination
§ Jay Gazlay was nominated on Monday, April 27, 2020. Chris Levendis suggested the interview be at the next CVE Board meeting on May 13, 2020.
CNA Report Card Q1’20
Open Source Fuzzing – David Waltermire
Wednesday, May 13, 2020 at 2:00PM EDT
CVE_Board_Meeting_29 April 2020 FINAL.pdf (528K) Download Attachment
|Free forum by Nabble||Edit this page|