Industry Group Engagement
Leaders in the Security Community
The Intel PSIRT is a strong supporter and member of industry groups, which drive change for the information security community.
Technology Standards
Intel leads and participates in industry consortia along with standard bodies shaping how technologies should be designed to meet security, privacy, and safety requirements. This engagement includes feature and mitigation requirements aligned to anticipated use cases, as well as the emerging threat landscape generated by our security research. Examples include:
- Trusted Computing Group (TCG)
- Confidential Computing Consortium (CCC)
- 3rd Generation Partnership Project (3GPP)
- National Institute of Standards and Technology (NIST)
- International Organization for Standardization (ISO)
General Product Design, Assurance & Risk Management Standards
As vulnerability research methods become more sophisticated, often targeting hardware, Intel is at the forefront of advanced secure-by-design practices, systemic mitigations, automated vulnerability scanning tools, and hardware security training, among other efforts. Examples in this area include:
- MITRE: Intel collaborated to extend existing community-driven software-oriented Common Weakness Enumeration (CWE) to include 75 hardware weaknesses and is involved in Common Vulnerabilities and Exposures (CVE) and Common Attack Pattern Enumeration and Classification (CAPEC).
- Forum of Incident Response and Security Teams (FIRST): Intel contributes to the Common Vulnerability Scoring System (CVSS) and helps lead the Product Security and Incident Response Team (PSIRT) special interest group where Intel employees coauthored the PSIRT Services Framework as a contribution to the global security community.
- Bug Bounty Community of Interest (COI): Intel contributes to the Bug Bounty COI, which is comprised of a group of subject matter experts with a deep interest in the Bug Bounty ecosystem.