Listed here are prominent non-profit organisations who operate in the Cybersecurity arena.
CVE Identifiers: The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.
CVE is used by the Security Content Automation Protocol, and CVE IDs are listed on MITRE’s system as well as the US National Vulnerability Database. See here.
US National Vulnerability Database
The National Vulnerability Database can be found here.
The National Vulnerability Database is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance.
NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. NVD supports the Information Security Automation Program (ISAP).
In addition to providing a list of Common Vulnerabilities and Exposures (CVEs), the NVD scores CVEs to quantify the risk of vulnerabilities, calculated from a set of equations based on metrics such as access complexity and availability of a remedy.
|1||(ISC)2 – International Information Systems Security Certification Consortium||Headquartered in the United States and with offices in London, Hong Kong and Tokyo, the International Information Systems Security Certification Consortium, Inc., (ISC)²®, is the global, not-for-profit leader in educating and certifying information security professionals throughout their careers. We are recognized for Gold Standard certifications and world class education programs.|
|2||The SANS Institute||SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet’s early warning system – the Internet Storm Center.|
|3||OWASP – The Open Web Application Security Project||The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.|
|4||ISSA – Information Systems Security Association||Developing and Connecting Cybersecurity Leaders Globally – ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.|
|5||FIRST – Forum of Incident Response and Security Teams||FIRST is the Forum of Incident Response and Security Teams. The idea of FIRST goes back until 1989, only one year after the CERT(r) Coordination Center was created after the infamous Internet worm. Back then incidents already were impacting not only one closed user group or organization, but any number of networks interconnected by the Internet.|
|6||Center for Internet Security||The Center for Internet Security, Inc. (CIS) is a 501c3 nonprofit organization focused on enhancing the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS provides resources that help partners achieve security goals through expert guidance and cost-effective solutions.|
|7||ISF – Information Security Forum||The ISF is the world’s leading authority on information risk management. A not-for-profit organisation, we supply authoritative opinion and guidance on all aspects of information security. We deliver practical solutions to overcome the wide-ranging security challenges that impact business information today.|
|8||National Association of ISACs||The mission of the National Council of ISACs (NCI) is to advance the physical and cyber security of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction between and among the ISACs and with government. Members of the Council are the individual Information Sharing and Analysis Centers (ISAC) that represent their respective sectors.|
|9||Internet Security Alliance||ISA was founded in 2000 in collaboration with Carnegie Mellon University. ISA membership is open to public and privately held entities and currently has substantial participation from the aviation, banking, communications, defense, education, financial services, health care, insurance, manufacturing, security and technology industries.|
|10||IAPP – International Association of Privacy Professionals||The IAPP is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally.|
|11||ISACA||As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.|
|12||National Cyber Security Alliance||NCSA’s mission is to educate and therefore empower a digital society to use the Internet safely and securely at home, work, and school, protecting the technology individuals use, the networks they connect to, and our shared digital assets.|
|13||FISSEA – Federal Information Systems Security Educators’ Association||The Federal Information Systems Security Educators’ Association (FISSEA), founded in 1987, is an organization run by and for information systems security professionals to assist federal agencies in meeting their information systems security awareness, training, education, and certification responsibilities.|
|14||AEHIS – The Association for Executives in Healthcare Information Security||The Association for Executives in Healthcare Information Security (AEHIS) launched in 2014 as the first professional organization serving healthcare’s senior IT security leaders. AEHIS offers CSO’s and other top-ranking information security leaders the professional development and networking opportunities critical for their success. Members have access to the educational resources and support for addressing key industry specific privacy and security issues.|
|15||International Association for Cryptologic Research||The International Association for Cryptologic Research (IACR) is a non-profit scientific organization whose purpose is to further research in cryptology and related fields. Cryptology is the science and practice of designing computation and communication systems which are secure in the presence of adversaries.|
|16||IIA – The Institute of Internal Auditors||The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.|
|17||CIUSPA – The Credit Union Information Security Professionals Association||CUISPA is a national association of credit union information technology professionals focused on improving security and risk management through cooperation.|
|18||ISRA – Information Security Research Association||The Information Security Research Association (commonly known as ISRA) is a registered non-profit organization focused on various aspects of Information Security including security research and cyber security awareness activities.|
|19||AISP – Association of Information Security Professionals||To promote, develop, support and enhance the integrity, technical competence, management expertise, status and interests of information security professionals in Singapore.|
|20||AISA – Australian Information Security Association||The Australian Information Security Association (AISA) is an Australian representative industry body for the information security profession. Formed in 1999, AISA is focussed on individual membership. AISA aims to foster and promote the development of the information security industry and encourage the professional development of our members.|
|21||IASAP – International Association of Security Awareness Professionals||Formed in 2012, the International Association of Security Awareness Professionals is an independent 501(c)6 non-profit association comprised of corporate members. Member participants are professionals who manage information security awareness programs for their organizations, and are responsible for everyday awareness operations.|
|22||EWF – Executive Women’s Forum on Information Security, Risk Management & Privacy||The Executive Women’s Forum is the largest member organization serving emerging leaders as well as the most prominent and influential female executives in the Information Security, Risk Management and Privacy industries.|
|23||ISFS – Information Security & Forensics Society||Information Security and Forensics Society (ISFS) was registered under the Hong Kong Societies Ordinance in May 2000. Our mission is to advocate and enforce professionalism, integrity and innovation in Information Security and Computer Forensics in Hong Kong and the surrounding region.|
|24||Cyber, Space & Intelligence Assocation||Cyber, Space, & Intelligence Association wasfounded in early 2011 to provide an environmentfor a vital flow of ideas between national securitythought leaders in Government, Industry, andCongress focused Cyber, Space, and Intelligencechallenges and opportunities.|
|25||CSA – Cloud Security Alliance||The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.|