Browse Definitions :
Definition

National Vulnerability Database (NVD)

National Vulnerability Database (NVD) is a government repository of standards-based vulnerability information.

The NVD is a product of the National Institute of Standards and Technology (NIST) Computer Security Division and is used by the U.S. Government for security management and compliance as well as automatic vulnerability management.

The NVD is sponsored by the Department of Homeland Security (DHS), NCCIC and US-CERT. NVD is used as the repository for security-related content for NIST's security content automation protocol (SCAP). The National Security Agency (NSA), OSD, DHS, NIST, and DISA are all users of NVD as part of the government's information security automation program.

The automation of the systems through SCAP and NVD, for example, as well as patch management are enabled by the Federal Desktop Core Configuration (FDCC), a checklist for mandatory configuration settings on US government computers.

This was last updated in March 2015

Continue Reading About National Vulnerability Database (NVD)

SearchCompliance

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

  • whaling attack (whaling phishing)

    A whaling attack, also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets...

  • cyber attack

    A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to ...

  • backdoor (computing)

    A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

Close