As a cybersecurity organization, Netskope has a responsibility to be transparent about security issues reported in Netskope products and services which might have an impact on Netskope customers or partners. To fulfill this responsibility, Netskope has a smooth, transparent, and industry-standard process under our Product Security Incident Response Team (PSIRT) to disclose the security issues publicly which are reported in Netskope products from various sources.
As part of the PSIRT process, Netskope has worked with the Common Vulnerabilities and Exposures (CVE) program to register as a CVE Numbering Authority (CNA). The CVE program is a collaborative effort that relies on the community to provide a reference method for publicly known information security vulnerabilities and exposures termed as CVE Records.
As a result, Netskope has been authorized by the CVE Program as a CNA. A CNA is an organization responsible for the regular assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the vulnerability in the associated CVE Record. Each CNA has a specific scope of responsibility for vulnerability identification and publishing. Netskope’s CNA scope is all