In this session, we’ll be looking at the systems that support the CVE community. Over the past two years the CVE program has deployed the new CVE-Services API, as well as the new beta
cve.org website. With the support of the community, MITRE has worked to adopt and implement DevSecOps methodologies and practices that have been a vital asset in building, provisioning, and deploying these systems that are used by CVE Numbering Authorities (CNAs), worldwide.
Some of the topics that we will discuss include:
- The purpose of the CVE program
- What is CVE-Services and how does it make its way from GitHub to production?
- DevSecOps culture in the CVE program