{"id":14059,"date":"2020-09-18T16:30:54","date_gmt":"2020-09-18T19:30:54","guid":{"rendered":"https:\/\/ostec.blog\/?p=14059"},"modified":"2020-09-18T16:33:46","modified_gmt":"2020-09-18T19:33:46","slug":"cve-combat-security-breaches","status":"publish","type":"post","link":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/","title":{"rendered":"CVE: a collaborative effort to combat security breaches"},"content":{"rendered":"

Since humanity started storing data on computers, there has been a concern to keep this set of information safe. The gigantic growth in access to computers, tablets and smartphones has only increased the number of threats to protect everything that is saved in these devices \u2013 or through them, as in the case of cloud computing. This expansion is confirmed and reaffirmed every day, through news reporting that even high-ranking members of the government are suffering invasions \u2013 even though they are surrounded by specialized cybersecurity bodies.<\/p>\n

However, anyone working to prevent and combat attacks on information systems and data storage is aware. Proof of this is that they create and perfect ways to minimize risks and damages resulting from invasions, and even prevent them from happening. The professionals dedicated to this task work collaboratively, sharing information and knowledge on the subject with the whole world.<\/p>\n

One of these initiatives is\u00a0CVE<\/b>, which stands for\u00a0Common Vulnerabilities and Exposures<\/b>. It is a mix of dictionary and catalog with lists of names for vulnerabilities and other information security exposures. CVE is free and public for use by anyone interested in researching vulnerabilities and security tools.<\/p>\n

CVE is maintained and updated through collaborative work by the entire professional community, called the CVE Editorial Board. This institution has representatives from various security-related organizations, such as security tool developers, academic bodies and governments.<\/p>\n

But what are these vulnerabilities?<\/h2>\n

According to the ISO 27000 information security certification\u00a0<\/span>(read the post we created about this ISO by clicking here)<\/a>, vulnerabilities are the weaknesses of an asset that could potentially be exploited by one or more threats, resulting from human failures, outdated technologies or even even for malicious actions.<\/p>\n

In this sense, those who work with information security have already seen denominations of vulnerabilities or links that lead to sites that detail the fault found. These are links with the title CVE followed by a dash, four digits that identify a year, plus a dash and four other numbers. An example would be CVE-2019-0001, with 2019 being the year in which the failure was reported \u2013 one of the ways to report the problem is through the website\u00a0<\/span>https:\/\/www.exploit-db.com<\/a>.<\/p>\n

Each CVE item has a status, which can be either \u201centry\u201d or \u201ccandidate\u201d. While the \u201centry\u201d classification means that the name has been included in the CVE list, the \u201ccandidate\u201d points out that the nomenclature is under review for inclusion in the list \u2013 with the possibility of entering or not. In addition to the name with numbers and status, you should have a brief description of the vulnerability and references or supervision reports.<\/p>\n

There are also the \u201cReserved\u201d, \u201cDisputed\u201d and \u201cRejected\u201d statuses. The first one means that the threat has been reserved for use, but details of the vulnerability are still missing. The second deals with items where there is disagreement by a party involved about the problem, the ideal being, in this case, that there be more research for other references \u2013 or that a contact be made with the affected supplier or developer. Entries with the \u201crejected\u201d code should be ignored, as they were not accepted at CVE.<\/p>\n

What does CVE do for my company\u2019s security?<\/h2>\n

CVE makes a difference when it comes to selecting the best security feature choices for your business\u2019s information technology structure \u2013 regardless of size or industry.<\/p>\n

However, it should be noted that CVE is a guide that helps to identify flaws, without being able to accurately determine which vulnerability was exploited in an eventual invasion. After all, its function is to give information about failures after they have been found, something that facilitates the correction and search for technical details.<\/p>\n

CVE is therefore one of the best and most reliable sources of research on failures and exposures. It allows you to use the name of the specific vulnerability in a search, allowing companies to obtain information quickly and accurately from a variety of CVE-compliant data sources.<\/p>\n

So, how to be protected from vulnerabilities?<\/p>\n

It is a relatively complex process to keep threats at bay, and risks must be controlled to protect and secure the company\u2019s systems. It is essential to carry out preventive actions and manage vulnerabilities, which is the process of identifying, classifying, analyzing and addressing failures.<\/p>\n

Acting frequently and professionally, you can find out which CVEs reach your company, compare the developments each week, as well as different problems and solutions. In this contexto,\u00a0<\/span>OSTEC<\/a>\u00a0<\/span>has a wide range of products and services focused on digital security that guarantee total protection for your results. Talk to one of our experts and learn more.<\/p>\n","protected":false},"excerpt":{"rendered":"

Since humanity started storing data on computers, there has been a concern to keep this set of information safe. The gigantic growth in access to computers, tablets and smartphones has only increased the number of threats to protect everything that is saved in these devices \u2013 or through them, as in the case of cloud […]<\/p>\n","protected":false},"author":13,"featured_media":14062,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[984,992],"tags":[],"class_list":["post-14059","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","category-learning-and-discovery"],"yoast_head":"\nCVE: a collaborative effort to combat security breaches - OSTEC | Seguran\u00e7a digital de resultados<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE: a collaborative effort to combat security breaches - OSTEC | Seguran\u00e7a digital de resultados\" \/>\n<meta property=\"og:description\" content=\"Since humanity started storing data on computers, there has been a concern to keep this set of information safe. The gigantic growth in access to computers, tablets and smartphones has only increased the number of threats to protect everything that is saved in these devices \u2013 or through them, as in the case of cloud […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\" \/>\n<meta property=\"og:site_name\" content=\"OSTEC | Seguran\u00e7a digital de resultados\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ostec\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-18T19:30:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-09-18T19:33:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"928\" \/>\n\t<meta property=\"og:image:height\" content=\"534\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Thais Souza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ostecsecurity\" \/>\n<meta name=\"twitter:site\" content=\"@ostecsecurity\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\"},\"author\":{\"name\":\"Thais Souza\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33\"},\"headline\":\"CVE: a collaborative effort to combat security breaches\",\"datePublished\":\"2020-09-18T19:30:54+00:00\",\"dateModified\":\"2020-09-18T19:33:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\"},\"wordCount\":773,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/ostec.blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg\",\"articleSection\":[\"General\",\"Learning and discovery\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\",\"url\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\",\"name\":\"CVE: a collaborative effort to combat security breaches - OSTEC | Seguran\u00e7a digital de resultados\",\"isPartOf\":{\"@id\":\"https:\/\/ostec.blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg\",\"datePublished\":\"2020-09-18T19:30:54+00:00\",\"dateModified\":\"2020-09-18T19:33:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage\",\"url\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg\",\"contentUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg\",\"width\":928,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\/\/ostec.blog\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE: a collaborative effort to combat security breaches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ostec.blog\/#website\",\"url\":\"https:\/\/ostec.blog\/\",\"name\":\"OSTEC | Seguran\u00e7a digital de resultados\",\"description\":\"Empresa especializada na oferta de produtos e servi\u00e7os de seguran\u00e7a digital.\",\"publisher\":{\"@id\":\"https:\/\/ostec.blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ostec.blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/ostec.blog\/#organization\",\"name\":\"OSTEC Business Security\",\"url\":\"https:\/\/ostec.blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png\",\"contentUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png\",\"width\":251,\"height\":67,\"caption\":\"OSTEC Business Security\"},\"image\":{\"@id\":\"https:\/\/ostec.blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ostec\",\"https:\/\/x.com\/ostecsecurity\",\"https:\/\/www.instagram.com\/ostecsecurity\/\",\"https:\/\/linkedin.com\/company\/ostec-security\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33\",\"name\":\"Thais Souza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g\",\"caption\":\"Thais Souza\"},\"url\":\"https:\/\/ostec.blog\/en\/author\/thais-souza\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE: a collaborative effort to combat security breaches - OSTEC | Seguran\u00e7a digital de resultados","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/","og_locale":"en_US","og_type":"article","og_title":"CVE: a collaborative effort to combat security breaches - OSTEC | Seguran\u00e7a digital de resultados","og_description":"Since humanity started storing data on computers, there has been a concern to keep this set of information safe. The gigantic growth in access to computers, tablets and smartphones has only increased the number of threats to protect everything that is saved in these devices \u2013 or through them, as in the case of cloud […]","og_url":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/","og_site_name":"OSTEC | Seguran\u00e7a digital de resultados","article_publisher":"https:\/\/www.facebook.com\/ostec","article_published_time":"2020-09-18T19:30:54+00:00","article_modified_time":"2020-09-18T19:33:46+00:00","og_image":[{"width":928,"height":534,"url":"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg","type":"image\/jpeg"}],"author":"Thais Souza","twitter_card":"summary_large_image","twitter_creator":"@ostecsecurity","twitter_site":"@ostecsecurity","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#article","isPartOf":{"@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/"},"author":{"name":"Thais Souza","@id":"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33"},"headline":"CVE: a collaborative effort to combat security breaches","datePublished":"2020-09-18T19:30:54+00:00","dateModified":"2020-09-18T19:33:46+00:00","mainEntityOfPage":{"@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/"},"wordCount":773,"commentCount":0,"publisher":{"@id":"https:\/\/ostec.blog\/#organization"},"image":{"@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage"},"thumbnailUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg","articleSection":["General","Learning and discovery"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/","url":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/","name":"CVE: a collaborative effort to combat security breaches - OSTEC | Seguran\u00e7a digital de resultados","isPartOf":{"@id":"https:\/\/ostec.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage"},"image":{"@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage"},"thumbnailUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg","datePublished":"2020-09-18T19:30:54+00:00","dateModified":"2020-09-18T19:33:46+00:00","breadcrumb":{"@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#primaryimage","url":"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg","contentUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2019\/09\/Reuni\u00e3o.jpg","width":928,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/ostec.blog\/en\/general\/cve-combat-security-breaches\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/ostec.blog\/en\/"},{"@type":"ListItem","position":2,"name":"CVE: a collaborative effort to combat security breaches"}]},{"@type":"WebSite","@id":"https:\/\/ostec.blog\/#website","url":"https:\/\/ostec.blog\/","name":"OSTEC | Seguran\u00e7a digital de resultados","description":"Empresa especializada na oferta de produtos e servi\u00e7os de seguran\u00e7a digital.","publisher":{"@id":"https:\/\/ostec.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ostec.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/ostec.blog\/#organization","name":"OSTEC Business Security","url":"https:\/\/ostec.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ostec.blog\/#\/schema\/logo\/image\/","url":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png","contentUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png","width":251,"height":67,"caption":"OSTEC Business Security"},"image":{"@id":"https:\/\/ostec.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ostec","https:\/\/x.com\/ostecsecurity","https:\/\/www.instagram.com\/ostecsecurity\/","https:\/\/linkedin.com\/company\/ostec-security"]},{"@type":"Person","@id":"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33","name":"Thais Souza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ostec.blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g","caption":"Thais Souza"},"url":"https:\/\/ostec.blog\/en\/author\/thais-souza\/"}]}},"_links":{"self":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/posts\/14059","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/comments?post=14059"}],"version-history":[{"count":0,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/posts\/14059\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/media\/14062"}],"wp:attachment":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/media?parent=14059"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/categories?post=14059"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/tags?post=14059"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}