Nozomi Networks products are ISO 9001: 2015 certified. The company uses the MITRE ATT&CK Framework for ICS terminology in its detection and alerting capabilities, providing immediate context for any detected activity and reducing the need for additional research to understand the significance of the behavior. Since 2013, Nozomi Networks researchers have made more than a dozen responsible disclosures, which to date have resulted in 13 CISA ICS-CERT Advisories. This includes assigning CVE numbers to vulnerabilities found in the company’s own products as well as third-party automation and industrial products not covered by another CNA. Their specialized expertise in OT and IoT cybersecurity and the processes they have established to ensure the cybersecurity of their own products make them a valued member of the CNA team.”Īs a CNA, Nozomi Networks can now assign CVE numbers to newly identified vulnerabilities and publicly disclose information about these vulnerabilities. They’ve consistently demonstrated a high level of professionalism and expertise in helping impacted customers and vendors quickly address identified vulnerabilities. Nozomi Networks leads their industry in the number of responsible disclosures made to the United States ICS-CERT. “In addition to a deep commitment to ensuring the security of their own products, a team of researchers in Nozomi Networks Labs also works to identify vulnerabilities in other industrial equipment and software. “We are pleased to grant Nozomi Networks CVE Numbering authority,” said Scott Lawler, CEO LP3 and CVE Board Member. Nozomi Networks joins an elite group of 136 CNA organizations spanning 24 countries and is the first OT & IoT security specialist to join the program. It is the de facto international standard for identifying and naming cybersecurity vulnerabilities. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE.
SAN FRANCISCO, September 15, 2020 - Nozomi Networks Inc., the leader in OT and IoT security, today announced it has been recognized by the CVE Program as an authorized CVE Numbering Authority (CNA), assigning CVEs in the area of OT & IoT vulnerabilities. Becomes first OT & IoT security specialist to join the globally recognized program
0 kommentar(er)
