“We Speak CVE” podcast host Shannon Sabens chats with CVE Consumer Working Group (CWG) co-chairs, Jay Jacobs and Bob Lord, and CVE™ Project Lead Alec Summers, about how the CWG was created to address the needs and perspectives of those who use CVE data — ranging from enterprise security teams to tool developers and managed security service providers — recognizing that their requirements and pain points often differ from those of upstream data providers.
Topics include the CWG’s goals to systematically capture and organize consumer feedback, identify common and unique challenges across different user types, and inform improvements in the CVE Program; the diversity and international participation among sign-ups, including organizations outside the usual sphere, such as medical companies; and the concept of “patch smarter, not harder,” stressing the importance of prioritization and high-quality data to help defenders manage the overwhelming volume of vulnerabilities. In addition, listeners are encouraged to join the CWG for meetings scheduled to accommodate global involvement and help participate in shaping the future of CVE.