Canon Inc. announced today that the company has established the Canon PSIRT (Product Security Incident Response Team), and security website designed to gather and centralize information on, and respond to, product and service vulnerabilities. In addition, the company has strengthened its vulnerability countermeasures by being authorized1 as a CNA (Common Vulnerabilities and Exposures Numbering Authority), which empowers the company to index and publish vulnerability information by assigning an internationally recognized CVE ID.
Canon has established the Canon PSIRT global website as a centralized point of contact for security researchers around the world to report information related to vulnerabilities discovered in Canon products and services. This will empower Canon to respond swiftly to security researchers and promote early discovery and resolution of security-related issues.
A CVE ID is a unique identifier assigned to each vulnerability within the database managed by the CVE Program, an international initiative aimed at discovering vulnerabilities. By managing a unified system that assigns a unique CVE ID to each vulnerability, it is easier to share information and associate additional information with that vulnerability. Canon, now authorized as a CNA, can assign and publish CVE IDs for Canon product and service vulnerabilities. This enables CVE IDs, conventionally indexed by third parties, to be more quickly identified and judged, thus helping Canon to index the product or service vulnerability. In turn, this framework is expected to increase the likelihood of prompt resolutions to security-related issues.
Going forward, Canon will continue striving to ensure customers can use the company’s products and services with peace of mind through the strengthening of vulnerability countermeasures and continuous efforts to improve the level of security.