EU Launches Vulnerability Database in Wake of CISA Cuts

With the feds planning to cut, maybe, 40 percent of CISA’s staff and a half billion dollars, the EU is making its own plans.

Just last month CISA almost shut down the Mitre Common Vulnerabilities and Exposures database that the industry is dependent on. CISA only renewed the contract with one hour to space and only for eleven months.

The EU’s Agency for Cybersecurity (ENISA) created their version of the vulnerabilities tracking database, which will be call EUVD – European Union Vulnerabilities Database. Creative, huh?

While the EU is not blaming the US government, the message is pretty clear. We don’t trust you anymore and are not going to depend on you.

For everyone from researchers to corporate security teams, having a second source of data, even if CISA does continue to track and publish some form of vulnerability disclosures, is a good thing.

Being political animals, the EU said that the EUVD is not a replacement for the CVE database and they want to work with CISA. BUT, unsaid, if CISA’s database goes away, they will be sad, but not lose any sleep.

The EUVD is going to collect data from multiple sources and has dashboards for critical vulnerabilities, another for exploited vulnerabilities and a third for EU-coordinated vulnerabilities (among EU security teams).

The database can be found at https://euvd.enisa.europa.eu/

Credit: Cybernews and Data Breach Today

by