Critical resources for understanding, stabilizing, and curating this cornerstone of global cybersecurity.
| Source Document | Author | Topic | Summary |
|---|---|---|---|
| Start With Why | Inspire | Original TEDx talk on how great leaders inspire action through the "Golden Circle" model—focusing on the Why (purpose) before the How and What. | |
| CISA Strategic Focus - CVE Quality | Governance | Outlines a modernization plan for the CVE program, focusing on governance, data quality, and scalability to ensure accuracy and trust for global risk management. | |
| CNA Scorecard | Completeness | A transparency tool measuring how CVE Numbering Authorities populate essential data fields. Key philosophy: Completeness is not quality, but actionable data leads to better security outcomes. | |
| CVE Analytics | Analytics | A resource by RogoLabs designed to transform overwhelming vulnerability data into clear, actionable intelligence that security teams can actually use. | |
| CVE™ Program | Official Website | The official mission site of the CVE program, dedicated to identifying, defining, and cataloging publicly disclosed cybersecurity vulnerabilities. Repository of basic educational videos, program structure, etc. | |
| CVE Foundation | Official Website | Official site focused on building a trusted, stable, and durable global community to support and sustain the CVE Program's long-term operations. | |
| Cyberspace Solarium Commission | Policy | A landmark 2020 report with 83 recommendations that drove the creation of the ONCD, cybersecurity-focused executive orders, and expanded authority and funding for CISA. | |
| CSC 2.0 2025 Annual Report | Assessment | A comprehensive status report on the progress of U.S. Cyberspace Solarium Commission recommendations, featuring specific calls to action (CTAs) for continued implementation. |