OTORIO authorized as CNA by common vulnerabilities and exposures program

November 16, 2023

OTORIO Launches Risk Assessment Technology for OT Security with Integrated Advanced Attack Graph Analysis

Operational technology (OT) cyber and digital risk management solutions firm OTORIO announced Wednesday that it has been authorized as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE) Program. The designation allows OTORIO to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities, contributing to the global effort to enhance cybersecurity awareness, and strengthen digital defenses.

The CVE Program is an international, community-driven initiative that relies on partnerships with organizations worldwide, including industry, academic, and government representatives, to discover, define, and catalog cybersecurity vulnerabilities.

CVE numbers, assigned and published by CNAs like OTORIO, are unique identifiers for specific cybersecurity issues, enabling consistent communication and collaboration among information technology and security professionals. CVE Records published in the catalog empower stakeholders to rapidly identify vulnerabilities, ensuring timely and effective responses to potential security threats.

“Our authorization as a CVE Numbering Authority is a testament to our ongoing commitment to cybersecurity excellence,” Eran Jacob, head of research at OTORIO, said in a media statement. “We are honored to join the CVE community and play a vital role in identifying and addressing cybersecurity vulnerabilities. This partnership aligns with our mission to create a safe, autonomous world by providing accurate and consistent information about cybersecurity issues.”

OTORIO can now provide customers and partners with more comprehensive and up-to-date information about cybersecurity vulnerabilities, enabling them to respond effectively to potential threats and contributing to their overall cybersecurity posture. The designation underscores OTORIO’s commitment to cybersecurity excellence and its dedication to enhancing digital defenses.

OTORIO has established a dedicated advisory page where the company will regularly update information about reported vulnerabilities.

Last month, OTORIO announced it has secured ISO 27001 certification for information security management systems (ISMS) and IEC 62443-4-1, a global benchmark for cybersecurity in industrial automation and control systems (IACS). These certifications further establish OTORIO’s position in the OT sector and its commitment to fostering a secure, reliable, and cyber-resilient future.