
Vulnerability Overload: The NVD and CVE Challenges Ahead
From Infosecurity Magazine Podcast by Infosecurity Magazine
April 22, 2025 · 54 min
About this episode
This episode explores the challenges faced by the National Vulnerability Database and the CVE Program amidst increasing vulnerability reporting.
In this episode of Infosecurity Magazine's podcast, we delve into the critical realm of vulnerability management, exploring the pivotal roles played by two US government-funded security programs that today are under pressure as vulnerability reporting explodes. Join us as we discus the latest developments involving the National Vulnerability Database (NVD), operated by a dedicated team within NIST, which has been under pressure for the last 12 months. We’ll also touch on the recent uncertainty relating to the CVE Program, sponsored by the US Department of Homeland Security (DHS) and CISA and managed by the non-profit MITRE Corporation. These programs serve as essential data sources for organizations worldwide, enabling them to identify, prioritize and remediate vulnerabilities effectively. Our discussion is enriched by insights from expert guests, including: • Brian Martin, former member of the CVE Board (10:23) • Stephen Shaffer, a principal security engineer at a leading pharmaceutical company (26:55) • Rose Gupta, Cyber Exposure Management Lead at AssuredPartners (39:43) Discover more from our sponsor, Vanta…
People in this episode
Guests: Brian Martin, Stephen Shaffer, Rose Gupta
Topics covered
- vulnerability management
- National Vulnerability Database
- CVE Program
- security programs
- vulnerability reporting
- cybersecurity
Keywords
- vulnerability management
- NVD
- CVE
- cybersecurity
- vulnerability reporting
- NIST
- DHS
- CISA
- MITRE
Sponsors
Vanta
Mentioned in this episode
Organizations: National Vulnerability Database, NIST, CVE Program, US Department of Homeland Security, CISA, MITRE Corporation
More episodes of Infosecurity Magazine Podcast
- Infosecurity Europe 2026: A Guide to Getting the Most Out of the Event · May 18, 2026 · 29 min
- Inside the Code War: Defending Against Nation-State Cyber Threats · April 20, 2026 · 38 min
- Exclusive Interview with OpenClaw’s Security Advisor · March 13, 2026 · 59 min
- Ransomware Dethroned by Cyber Fraud: Insights from the WEF’s Cybersecurity Outlook 2026 · February 11, 2026 · 31 min
- How 2025 Shaped the Future of Cybersecurity With Rebecca Taylor & Will Thomas · December 9, 2025 · 34 min
- Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations · November 4, 2025 · 34 min
Explore listener stats, chart rankings, contacts and more on the Infosecurity Magazine Podcast podcast page.