CNA authorization demonstrates company’s mature vulnerability management practices and commitment to transparency

EMERYVILLE, Calif.: Tanium, a leader in Autonomous Endpoint Management (AEM), announced today it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). As a CNA, Tanium will publicly document and disclose vulnerabilities, along with the applicable fixed version and remediation steps, in Tanium’s Software-as-a-Service (SaaS) and on-premises offerings.

“Tanium is reaffirming our long-standing commitment to security and transparency – in our product, to our customers and to the larger security industry. Tanium has consistently and responsibly disclosed vulnerabilities to its customers since 2017, and becoming a CNA marks the next step in our journey toward greater transparency and maturity in our proactive vulnerability management and responsible disclosure program,” said Loic Simon, vice president, security at Tanium. “The CVE Program’s vulnerability identification capability is fundamental to global vulnerability management, and we’re honored to now play a role in furthering threat information sharing around the world.”

The CVE Program is a community-driven effort to identify, define, catalog and share information about publicly disclosed cybersecurity vulnerabilities. As a CNA, Tanium will issue CVE Identifiers (CVE ID) and corresponding CVE Records, which will enable discussion and information sharing amongst the security community. By actively contributing to the CVE Program, Tanium provides value-added vulnerability information publicly, fostering trust and resilience in its customers and across the security landscape.

Tanium’s authorization as a CNA builds on the company’s high security standards which comply with various certifications and authorizations frameworks, including ISO 27001, ISO 27017, SOC2, FedRAMP and GovRAMP, in addition to other certifications listed on Tanium’s Trust Center.

For more information about Tanium’s secure by design principles, visit: https://www.tanium.com/about/security/

About Tanium

Tanium Autonomous Endpoint Management (AEM) offers the most comprehensive solution for intelligently managing endpoints across industries, providing capabilities for asset discovery and inventory, vulnerability management, endpoint management, incident response, risk and compliance, and digital employee experience. The platform supports 40% of the Fortune 100, delivering increasingly efficient operations and an improved security posture at scale, with confidence and in real-time. For more information on The Power of Certainty™, visit www.tanium.com and follow us on LinkedIn and X.

Legal Disclaimer

The information described herein is for general informational purposes only. This information is not a commitment, warranty, offer, promise, or legal obligation for us to deliver any future products, features, or functionality, and is not intended to be, and shall not be deemed to be, incorporated into any contract. The actual timing of any product, feature, or functionality that is ultimately made available may be different from what is described.

Fonte: Business Wire