echo is now a CVE Numbering Authority (CNA)

New York –September 23, 2025 – Today marks an important milestone for echo. We’ve been authorized by the Common Vulnerabilities and Exposures (CVE™) Program as a CVE Numbering Authority (CNA).

For us, this is more than a designation. It’s a recognition of our role in building a future where infrastructure is secure by design, and where vulnerabilities are not just recognized, but actually proactively addressed with clarity and intent.

For the last 25 years, the CVE Program has been a cornerstone of transparency in cybersecurity. Its work identifying, defining, and cataloging publicly disclosed vulnerabilities ensures that the entire community knows of the vulnerabilities that are out there, creating a shared language to reduce confusion, coordinate prioritization, accelerate response, and help protect the systems we all depend on.

Why becoming a CNA matters to us

At echo, we believe that vulnerabilities shouldn’t be a never-ending treadmill for security and platform teams. By becoming a CNA, we’re taking that belief a step further, now that we can assign CVE IDs and publish CVE Records within our scope. That means when vulnerabilities do arise, they’ll be cataloged transparently and consistently to not just help our customers, but enable the entire community to act faster and with confidence.

As Eilon Elhadad, CEO of echo, put it:‍

“This milestone is deeply personal for our team. We’ve seen firsthand what it means to drown in vulnerability noise, and we’ve built echo to change that. Contributing to the CVE Program lets us give back to the community and help shape the standards that will guide the next generation of secure infrastructure.”

The CVE Program isn’t just a database, it’s a community. CNAs around the world, from government to academia to startups like ours, have come together to ensure vulnerabilities are recorded and shared in a way that benefits everyone. By joining this network, echo is committing to real collaboration, transparency, and building trust across the industry.

The critical role of CNA

The mission of the Common Vulnerabilities and Exposures (CVE™) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. CNAs are organizations responsible for assigning CVE IDs to vulnerabilities and creating and publishing information in the associated CVE Record. By joining this network, we’re bringing our focus on CVE-free container infrastructure into the broader effort – contributing not only to the prevention of vulnerabilities, but also to the transparency and consistency of how they are communicated.