IQSIGHT Strengthens Cybersecurity Commitment as Newly Appointed CVE Numbering Authority

IQSIGHT, a global leader in intelligence-first video security, today announced its appointment as a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) in the global CVE™ Program. This milestone reinforces IQSIGHT’s dedication to transparency and proactive security management, allowing the organization to issue unique, standardized CVE Identifiers (CVE IDs) and publish CVE Records for vulnerabilities found in its software and firmware.

Previously accomplished through the Bosch Product Security Incident Response Team, the new CNA designation for IQSIGHT will streamline the process for assigning CVE IDs, publishing CVE Records on the CVE List, and providing critical advisory information on the IQSIGHT website. This milestone reflects the company's ongoing efforts to ensure data security and cyber resilience in its products by strengthening vulnerability management.

"Becoming a CVE Numbering Authority is a significant step in our mission to provide intelligence-first video security that leaders can trust," said Thomas Elsässer, Vice President of Research and Development at IQSIGHT. "By managing our own CVE assignments, we are ensuring customers receive timely information about potential security risks along with the appropriate mitigation strategies.”

IQSIGHT has been onboarded as a CNA under the European Union Agency for Cybersecurity (ENISA), which serves as the organization’s CVE Root.

Commitment to Global Standards and Compliance

As cybersecurity regulations evolve, IQSIGHT remains committed to meeting and exceeding government compliance requirements, such as the European Union’s Cyber Resilience Act. By establishing these capabilities now, IQSIGHT ensures it is well-positioned to meet future regulatory demands while prioritizing the safety of user data.

About the CVE Program

The mission of the CVE™ Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue and to coordinate their efforts to prioritize and address the vulnerabilities.