Check Point Research Launches CPR-Zero
June 2019 by Marc Jacob
Check Point Research has announced today the creation of a new online vulnerability repository, CPR-Zero. Going forward, Check Point will publicly list all vulnerabilities its research teams find, even if they are not featured in a publication on the Check Point Research blog. The move makes Check Point the industry’s largest cyber security vendor to openly share such information.
"Not every vulnerability that we find leads to a blog post or publication. In fact, most do not,” said Omri Herscovici, Head of Vulnerability Research at Check Point. "This is why it’s important for us to share our findings using the CPR-Zero platform. The information listed on CPR-Zero will be a priceless resource for citizens and enterprises everywhere to be more informed and vigilant against the latest cyber-security threats.”
CPR Zero has initially launched with over 130 vulnerabilities and will quickly expand to offer a comprehensive library of all vulnerabilities that Check Point’s research team has uncovered, both historic and in the future. CPR Zero lists CVEs with links and references for viewers to learn more from the official CVE database. The list also contains detailed information regarding each vulnerability, including a crash and dump, a short explanation and sometimes a POC.
The repository will be continually updated with new discoveries. However, Check Point reserves the right to not publicly disclose major vulnerabilities that may be at a high risk of being exploited before patches or updates are widely available.
"Check Point’s mission is to make the online world a safer place to live in. To help us further get there, we are making the bold move to be the largest cyber security company in the industry to share ALL our technical CVE findings with everyone," said Neatsun Ziv, VP of Threat Prevention. “No other cyber security company of our size has taken this step."
Built by some of some of the most talented and capable experts in the field, CPR Zero is Check Point’s latest initiative in responsibly notifying both consumers and enterprise organizations of new cyber-security risks, as well as encouraging vendors to take the necessary steps to continue to provide a risk-free user experience.