ASUS Authorized by the CVE Program as a CVE Numbering Authority (CNA)

Cve Logo

Advancing ASUS’s commitment to risk mitigation and product security 


TAIPEI, Taiwan, September 18, 2024 ASUS today announced that it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). The designation marks a new milestone in the company’s dedication to integrating security into its product design while pursuing pioneering innovation across a wide range of products and solutions.  

Common Vulnerabilities and Exposures (CVE) is an international, community-based effort that relies on the community to discover cybersecurity vulnerabilities. The mission of the CVE effort is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Once discovered, vulnerabilities are assigned and published in the CVE List. Partners also publish CVE Records to communicate consistent descriptions of vulnerabilities. CVE Numbering Authorities (CNAs) are organizations responsible for the regular assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the vulnerability in the associated CVE Record. Each CNA has a specific scope of responsibility for vulnerability identification and publishing.  

An increasing number of industry leaders worldwide are recognized by the CVE program. “Cybersecurity is an ongoing battle that requires constant vigilance and a collective effort. At ASUS, we emphasize product security and are dedicated to staying ahead of threats while maintaining the highest standards for our products,” said Robert Chin, ASUS Chief Information Security Officer (CISO), about this significant recognition. We are honored to be a CVE Numbering Authority, which allows us to assign CVE IDs to vulnerabilities in our products. This reinforces our commitment to top-tier security by ensuring timely identification and resolution of potential threats.” 

ASUS is an industry innovator that takes a proactive approach to integrating security and risk management measures into the development process of its products and solutions. For example, in 2022, as part of its vision of "Building Digital Resilience, Enhancing Brand Trust: Pursuing Excellence with Security in Mind," the company established the ASUS Digital Security Center a dedicated team that addresses internal and external security issues. It focuses on a variety of aspects of cybersecurity including incident monitoring and response, awareness training and culture cultivation, product security, and supply chain management  

Going forward, as a partner of the CVE program, ASUS will continue to strengthen the company's security posture, create robust products and solutions for customers, and build a more secure digital world for all. 

About ASUS
About ASUS

ASUS is a global technology leader that provides the world’s most innovative and intuitive devices, components, and solutions to deliver incredible experiences that enhance the lives of people everywhere. With its team of 5,000 in-house R&D experts, the company is world-renowned for continuously reimagining today’s technologies. Consistently ranked as one of Fortune’s World’s Most Admired Companies, ASUS is also committed to sustaining an incredible future. The goal is to create a net zero enterprise that helps drive the shift towards a circular economy, with a responsible supply chain creating shared value for every one of us.

https://asus.com
ASUS Achieves Forbes' World's Best Employers List

ASUS Achieves Forbes' World's Best Employers List