In April 2021, Octopus Deploy announced its status as a CVE Numbering Authority (CNA), allowing it to assign CVE IDs to vulnerabilities within its scope, following its earlier launch of a dedicated security advisories page in February 2021. This step is part of Octopus Deploy's efforts to enhance its security practices by streamlining the CVE process, ensuring that both the CVE ID and the associated security advisory are released simultaneously. This approach aims to provide customers with comprehensive information to verify the security of their Octopus installations. The CVE system is a global, community-driven initiative that helps stakeholders quickly identify and manage vulnerabilities to safeguard systems against attacks. For further information on trust and security, Octopus Deploy directs individuals to their Trust and Security roadmap and provides contact information for reporting vulnerabilities.