Press Release

Coalfire Authorized as CVE Numbering Authority

December 17, 2020

CVE Program Builds Best-Practice Cooperation for International Cyber Defense

WESTMINSTER, CO – December 17, 2020 – Coalfire, a provider of cybersecurity advisory and assessment services, has been approved by the Common Vulnerabilities and Exposures (CVE) Program to identify and disclose CVEs as a CVE Numbering Authority (CNA).

As a CNA, Coalfire is now authorized to identify and assign CVE numbers to vulnerabilities discovered in the course of the company’s work with clients in cyber risk assessment, analysis, technical testing, threat modeling, attack simulation services, and in research and development.

“We’re honored to bring Coalfire’s experience in multiple industries and multi-cloud environments to the CVE Program,” said Mike Weber, vice president of innovation, Coalfire Labs. “The CNA community is working together to provide a common language and framework to defend against cybercrime around the world. As we’re expanding our vulnerability research and development capabilities and our CoalfireOne compliance automation suite, we look forward to making a difference through the relentless research, identification, and sharing of new threats and security flaws.”

“Coalfire's expertise and experience in uncovering and documenting novel vulnerabilities in the wild will be a welcome addition to the CNA community,” said Tod Beardsley, Research Director at Rapid7 and CVE Board member. “I'm always happy to see more in-the-field practitioners with solid penetration testing and red teaming programs join forces with the CVE Project."

About the CVE Program

Common Vulnerabilities and Exposures (CVE®) is an international, community-based effort that maintains an open data registry of vulnerabilities. The CVE identifiers assigned through the registry enable users to rapidly discover and correlate vulnerability information to protect systems against attacks. The CVE Program currently has 148 CNAs in 25 countries. For more information visit:

About Coalfire

Coalfire is the trusted cybersecurity advisor that helps private and public sector organizations avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, assessments, technical testing and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success. Coalfire has been a cybersecurity thought leader for nearly 20 years and has offices throughout the United States and Europe. For more information, visit


For media inquiries:
Mike Gallo
(212) 239-8594