Original Post: Veracode Customers Shielded from NVD Disruptions
The US National Institute of Standards and Technology (NIST) has reduced its analysis of new vulnerabilities listed in the National Vulnerability Database (NVD), with almost half of the CVEs received this year still awaiting analysis. Veracode customers have access to a proprietary database that includes undisclosed vulnerabilities in open-source libraries, allowing them to address security issues without relying solely on the NVD. Veracode’s database is sourced from multiple channels, utilizes machine learning, and has a dedicated research team to identify and classify vulnerabilities accurately. Additionally, the database tracks license risks associated with third-party open-source components.
Go here to read the Original Post