Search | ENISA

Economics of Vulnerability Disclosure

Publications 14 December, 2018

Vulnerability disclosure refers to the process of identifying, reporting and patching weaknesses of software, hardware or services that can be exploited. The different actors within a vulnerability disclosure process are subject to a range of…

State of Vulnerabilities 2018/2019 - Analysis of Events in the life of Vulnerabilities

Publications 14 January, 2019

The purpose of this report is to provide an insight on both the opportunities and limitations the vulnerability ecosystem offers. By using the vulnerabilities published during the year of 2018 and Q1-Q2 of 2019 as a vehicle, this report goes beyond…

Developing National Vulnerabilities Programmes

Publications 16 February, 2023

Based on the experiences and perspectives gathered from industry players and national governments, as well as on the documentation developed by multiple actors involved with national vulnerability initiatives and programmes, the EU Coordinated…

Good Practice Guide on Vulnerability Disclosure. From challenges to recommendations

Publications 18 January, 2016

Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose…

Shield with lock icon. ENISA is a common vulnerabilities and exposures Numbering authority

Another step forward towards responsible vulnerability disclosure in Europe

News 12 June, 2024

The EU Agency for Cybersecurity (ENISA) expands its support to EU CSIRTs for Coordinated Vulnerability Disclosure and is now authorised as a Common Vulnerabilities and Exposures (CVE) Numbering Authority.

Futuristic image of a city and people working promoting the concept of NIS Investments in essential sectors

Navigating cybersecurity investments in the time of NIS 2

News 22 November, 2024

The latest report of the European Union Agency for Cybersecurity (ENISA) aims to support policy makers in assessing the impact of the current EU cybersecurity framework, and particularly the NIS 2 Directive, on cybersecurity investments and the…

2024 report - state of cybersecurity in the union

EU’s first ever report on the state of cybersecurity in the Union

News 3 December, 2024

In accordance with Article 18 of the NIS 2 Directive, ENISA was tasked to prepare a biennial report on the state of cybersecurity in the Union.

EU Cybersecurity Policy Conference

Events 14 December, 2022

The first EU Cybersecurity Policy Conference will bring together policymakers, industry representatives and key stakeholders to discuss implementation of cybersecurity policy and challenges ahead. The conference is organised in collaboration with…

Threats and Incidents

Topics content 2 August, 2024

Incident reporting is essential for understanding and analysing the EU cybersecurity threat landscape.

By Topics

By Type