EU Bug Database Fully Operational as US Slashes Infosec

Arthur T Knackerbracket has processed the following story:

The European Vulnerability Database (EUVD) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws amid the US struggles with budget cuts, delayed disclosures, and confusion around the future of its own tracking systems.

As of Tuesday, the full-fledged version of the website is up and running.

"The EU is now equipped with an essential tool designed to substantially improve the management of vulnerabilities and the risks associated with it," ENISA Executive Director Juhan Lepassaar said in a statement announcing the EUVD.

"The database ensures transparency to all users of the affected ICT products and services and will stand as an efficient source of information to find mitigation measures," Lepassaar continued.

The European Union Agency for Cybersecurity (ENISA) first announced the project in June 2024 under a mandate from the EU's Network and Information Security 2 Directive, and quietly rolled out a limited-access beta version last month during a period of uncertainty surrounding the United States' Common Vulnerabilities and Exposures (CVE) program.

More broadly, Uncle Sam has been hard at work slashing CISA and other cybersecurity funding while key federal employees responsible for the US government's secure-by-design program have jumped ship.

Plus, on Monday, CISA said it would no longer publish routine alerts - including those detailing exploited vulnerabilities - on its public website. Instead, these updates will be delivered via email, RSS feeds, and the agency's account on X.

With all this, a cybersecurity professional could be forgiven for doubting the US government's commitment to hardening networks and rooting out vulnerabilities.

Read more of this story at SoylentNews.