FIRST would like to gratefully acknowledge the following organizations and individuals for their support!
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
Brinqa centralizes vulnerability and security tool findings, enriching the data with business and threat context to provide a unified view of cyber risk across your entire attack landscape. By correlating vulnerabilities, business context and threat intelligence, Brinqa creates a Cyber Risk Graph--a live model of all assets, vulnerabilities, and their relationships. This enables risk-based vulnerability management across IT, apps and cloud systems, automated remediation, and easier audit and compliance reporting to understand, optimize, and prove your impact on IT and business risk reduction.
Nucleus is a Risk-Based Vulnerability Management (RBVM) solution that automates vulnerability management processes and workflows, enabling organizations to mitigate vulnerabilities 10 times faster, using a fraction of the resources that it takes to perform these tasks today.
Opus Security empowers security and engineering teams to orchestrate effective, collaborative, results-driven remediation. Operating as a SaaS remediation platform, Opus enables customers to aggregate, de-duplicate, and prioritize vulnerabilities across application security tools, cloud-native applications, and infrastructure. Opus Security’s cloud-native remediation platform easily integrates with existing toolsets and consolidates security issues across tools and environments, automatically streamlining critical remediation processes. Opus manages the entire remediation process from end-to-end, reducing remediation time from weeks to days.
FOSSA is a leading application security and compliance platform that specializes in helping engineering teams deliver trusted software. FOSSA enables companies to prioritize real vulnerabilities in their open source software with comprehensive SCA (software composition analysis) capabilities, while also making it possible for organizations to automate compliance reporting and SBOM (software bill of materials) lifecycle management to meet customer and regulatory requirements. Founded in 2015, FOSSA is trusted by thousands of global organizations, has been downloaded nearly two million times, and has conducted nearly 100 million scans of open source software.
Intigriti is a rapidly growing cybersecurity company that specializes in crowdsourced security services to help organizations protect themselves from cybercrime. Our industry-leading bug bounty platform connects our customers with 90,000+ ethical hackers worldwide, ensuring proactive cybersecurity protection in a pay-for-impact model, meaning you only pay for valid vulnerability submissions. For more information, follow us on LinkedIn.
SecPod is a cyber security technology company with a mission to prevent cyberattacks on organizations. Our Continuous Vulnerability and Exposure Management solutions help organizations implement cyber hygiene measures across Enterprise IT infrastructure. SecPod's Saner platform provides continuous visibility to IT infrastructure, it identifies vulnerabilities, misconfigurations, and security risk exposures, mitigates vulnerabilities to reduce the attack surface, helps achieve continuous compliance. Our product philosophy is offering an easy-to-use solution with fast time to value that improves an organization's IT risk posture at a lower total cost of ownership Vs. using point solutions. SecPod is one of the first vendors to recognize and implement SSVC framework in our technology solutions. We look forward to hosting you at VulnCon 2025.
VulnCheck is the vulnerability intelligence company helping enterprises, government organizations, and cybersecurity vendors solve the vulnerability prioritization challenge. Trusted by some of the world's largest organizations responsible for protecting hundreds of millions of systems and people, VulnCheck helps organizations outpace adversaries by providing the most comprehensive, real-time vulnerability intelligence that is autonomously correlated with unique, proprietary exploit and threat intelligence. Follow the company on LinkedIn, Mastodon, or Twitter. vulncheck.com
Red Hat is the world's leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.