Reward your researchers fairly - try our bug bounty calculator today!

Try our bug bounty calculator

Intigriti announces authorization as a CVE Numbering Authority (CNA)

By Anna Hammond

August 7, 2024

Intigriti authorized as a CNA

London, UK & Antwerp, Belgium – Aug 06 – Intigriti, a leading platform in vulnerability management and bug bounty, announces today that it has been recognized by the CVE Program as a CVE Numbering Authority (CNA). The CVE Program is an international, community-based initiative dedicated to identifying, defining, and cataloging publicly disclosed cybersecurity vulnerabilities. 

“The recognition as a CVE Numbering Authority underscores Intigriti's commitment to advancing cybersecurity,” said Inti De Ceukelaire, Chief Hacker Officer, Intigriti. “The CVE program empowers us to attribute CVE entries to security researchers for their critical discoveries and to streamline the process for companies in managing vulnerabilities worldwide.” 

Key takeaways: 

  • Recognizing researchers for 0-day discoveries: As an authorized CNA, Intigriti now enables researchers to secure official CVE entries for their 0-day discoveries, giving them the recognition they deserve. This is important for researchers who might struggle to work directly with the security teams of the impacted company to obtain a CVE. 

  • Reducing workload for companies: For companies that are not CNAs, Intigriti now has the ability to publish CVEs without the need to interact with the CVE Program directly, effectively reducing companies’ workload. Even for companies that are CNAs, Intigriti can help offload some of the internal processes, simplifying the overall management of vulnerabilities. 

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. The CVE List, built by CNAs, feeds into the U.S. National Vulnerability Database (NVD), helping organizations to: 

  • Keep up to date with the latest security threats 

  • Create action plans to address vulnerabilities 

  • Collaborate with other cybersecurity professionals using consistent information. 

The CVE Program depends on security researchers worldwide to identify vulnerabilities. These are then recorded and shared by partner organizations, including CNAs. These CVE Records enable program stakeholders to quickly discover and correlate vulnerability information, ensuring they are tackling publicly disclosed issues and effectively defending their systems against attacks. 

Learn more about Intigriti's security & compliance posture in the Trust Center