Managed security service provider (MSSP) The Missing Link has been authorised by the Common Vulnerabilities and Exposures (CVE) Program to bring attention to vulnerabilities online.
As a CVE Numbering Authority (CNA), The Missing Link can publish CVE records, which allows program stakeholders to discover and correlate vulnerability information to protect systems against attacks.
It can also assign CVE identification numbers to new vulnerabilities in third-party software not covered by another CNAs purview.
As of publishing, security consultants at the MSSP have found at least 32 zero-day vulnerabilities.
“Our mission has always been to bring clarity to the complex world of ICT security and our CNA authorisation now means we can streamline disclosure of vulnerabilities, communicating them with our customers in a more timely manner,” said The Missing Link application security manager Jack Misiura.
“I’m proud to be part of our team of security experts, who have discovered CVEs, or zero-days, in multiple commonly used products. We’re passionate about finding, disclosing and patching or fixing zero-day vulnerabilities before hackers can exploit the weakness.”