The security team at The OpenNMS Group has partnered with MITRE to become a Common Vulnerability and Exposures (CVE) Numbering Authority (CNA). Through the CVE program, MITRE ensures that application vulnerabilities are uniquely identified and accurately reported.

As a numbering authority, The OpenNMS Group security team will assign numbers to vulnerabilities and exposures identified within our projects and products. Any vulnerability scanning tool can use CVE numbers to help users identify and manage vulnerabilities within their infrastructure. Using unique CVE identifiers, users and stakeholders across the information security community can remain informed of vulnerabilities and how to address them.

“In our continuing effort to enhance our cybersecurity program, I am excited to take this next step of becoming a CNA,” says Jeff Jancula, Chief Information Security Officer at The OpenNMS Group. “As a CNA, OpenNMS has an avenue to transparently share security information with our customers and the open source community. CVEs also let us publicly recognize community members and customers that help improve the security of our projects. These improvements will strengthen our community relationships and help reduce risk associated with vulnerabilities.”

OpenNMS is a scalable and highly configurable open-source network management platform with comprehensive fault, performance, and traffic monitoring. OpenNMS routinely promotes responsible disclosure of potential cybersecurity vulnerabilities. Read more at opennms.com/security.