AI Companies Urged to Play Bigger Role in Vulnerability Disclosures

At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, stated that AI companies should take a more significant role in the future of vulnerability disclosures. The announcement was made during the event, though no specific dates, technical details, or CVE IDs were provided. The discussion focused on expanding the involvement of AI firms in the CVE Program, which is managed by CISA. No direct impacts or additional technical specifics were outlined in the statement. The context was limited to the broader initiative of integrating AI companies into vulnerability management processes.