Saviynt is Authorized by the CVE Program as a CVE Numbering Authority (CNA)

CNA authorization enables Saviynt to identify, define, and catalogue publicly disclosed cybersecurity threats

Saviynt, a leading provider of cloud-native identity and governance platform solutions, today announced it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). This enables Saviynt to assign CVE IDs to certain vulnerabilities discovered in its products, which is part of the commitment the company made when it signed CISA’s Secure by Design Pledge in 2024.

“Saviynt is committed to building trust and maintaining transparency with its customers. Being recognized as an authorized CVE Numbering Authority (CNA) further strengthens this commitment and enhances customer trust by enabling Saviynt to communicate relevant security updates transparently and proactively,” said Akshay Sivananda, chief information security officer (CISO) at Saviynt.

Joining the CVE Program was a natural next step in fulfilling the Secure by Design Pledge, which Saviynt signed up for last summer. By becoming an authorized participant in the CVE Program, Saviynt strengthens its dedication to proactive vulnerability management – identifying, defining, and cataloging publicly disclosed cybersecurity threats. This milestone enhances the company’s ability to collaborate with the security community, provide transparent and actionable threat intelligence, and help organizations develop effective strategies to mitigate risk.

“The Saviynt Identity Cloud platform is mission-critical for some of the world’s largest companies and governments. In today’s rapidly evolving threat landscape, security of the platform is paramount. Responsible vulnerability management is a cornerstone of our security strategy, ensuring we proactively address risks and uphold the highest standards of protection,” added Jeff Margolies, chief product and strategy officer at Saviynt.

Saviynt’s designation as a CNA reinforces its proactive approach to cybersecurity, ensuring that vulnerabilities within its products are identified, disclosed, and addressed in a transparent and timely manner. By actively contributing to the CVE program, Saviynt empowers customers and industry stakeholders with critical security insights, helping them mitigate potential risks more effectively. This milestone is part of Saviynt’s broader strategy to embed security into every stage of product development, further strengthening trust and resilience across the cybersecurity ecosystem.

For more information about Saviynt’s security initiatives, please visit the website.

About the CVE Program

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.

About Saviynt

Saviynt empowers enterprises to secure digital transformation, safeguard critical assets, and meet regulatory compliance. With a vision to provide a secure and compliant future for all enterprises, Saviynt is recognized as an industry leader in identity security whose cutting-edge solutions protect the world’s leading brands, Fortune 500 companies, and government organizations. For more information, please visit www.saviynt.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250226290466/en/