Symantec Security Response Declared CVE-Compatible

News Releases

Compatibility Enhances Information Sharing, Enables Reduced Exposure to Threats

CUPERTINO, Calif. - September 24, 2002 - Symantec Corp. (Nasdaq: SYMC), the world leader in Internet security, today announced that its security vulnerabilities and advisories Web site and e-mail service, Symantec Security Response, will now use Common Vulnerabilities and Exposures (CVE) names. CVE is a list or dictionary that provides common names for information security vulnerabilities and exposures. Using a common name makes it easier to share data across separate databases and tools that otherwise are not easily integrated. As a result, Symantec Security Response users can more quickly and accurately gain access to information about security vulnerabilities and, in turn, reduce exposure to threats.

"As a provider of Internet security products and services, Symantec is committed to delivering solutions to help ensure the safety and productivity of Internet users in the enterprise, at home and on the road," said Vincent Weafer, senior director of Symantec Security Response. "By incorporating CVE names, Symantec Security Response enables organizations to quickly access comprehensive information about security vulnerabilities and, in turn, protect against blended threats that exploit those vulnerabilities."

"As security threats increase in number, complexity, and frequency today, organizations require clear and concise direction from security services to help them proactively prepare for and respond to these problems," said Robert Martin, the CVE Compatibility Lead at MITRE. "CVE compatibility will help customers close the gaps in coverage that often result from using disparate security sources, thereby helping ensure more comprehensive protection against new and emerging vulnerabilities and exposures."

According to The MITRE Corporation (www.mitre.org), the not-for-profit company that maintains CVE and provides impartial technical guidance to the CVE Editorial Board, CVE-compatible tools, databases and services provide organizations better coverage, easier interoperability, and enhanced security.

Symantec Security Response is a team of dedicated intrusion experts, security engineers, virus hunters, and global technical support teams that work in tandem to provide extensive coverage for enterprise businesses and consumers. By leveraging CVE's standardized dictionary of security vulnerabilities and exposures as well as Symantec's 24x7 global Internet security expertise, Symantec Security Response augments its world-class support and response capabilities to give users concise, targeted, and complete information about today's most complex security threats.

About Symantec
Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises and service providers around the world. Symantec's Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more information, please visit www.symantec.com.

Symantec's Canadian operations are headquartered in Toronto with offices in Montreal, Ottawa, Calgary and Vancouver. For more information on Symantec products or current promotions, contact the Canadian office at (416) 441-3676 or access Symantec's Canadian Web site at www.symantec.ca. Symantec is an active member of the Canadian Alliance Against Software Theft (CAAST).

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site.

Symantec and the Symantec logo are trademarks or registered trademarks, in the United States and certain other countries, of Symantec Corporation. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.