Dragos has been authorized to assign vulnerability identifiers for a Cybersecurity and Infrastructure Security Agency-sponsored program that documents exploitable software and firmware weaknesses.
The company said Tuesday it received a numbering authority status under the Common Vulnerabilities and Exposures program to provide ID references if the software provider discovers a potential security threat in its own and third-party products.
Ben Miller, vice president of services at Dragos, said the company aims to “communicate vulnerability information to the broader industrial community” with the CNA designation.
Hanover, Maryland-based Dragos offers a platform designed to help industrial control system and operational technology operators analyze data sources to gain visibility into their ICS/OT environment.
The CVE documentation initiative currently has 237 partners worldwide, the company noted.