The Cybersecurity and Infrastructure Security Agency has released the first annual report on the progress of its Vulnerability Disclosure Policy platform.
The report showed that since its inception in 2021, the VDP platform has onboarded 40 CISA programs and received more than 1,330 valid disclosures, 85 percent of which were remediated, CISA said Friday.
The platform was established two years after the policy’s creation to serve as a streamlined tool for VDP reporting and adjudication. CISA’s goal was to help bolster vulnerability awareness and security posture among federal agencies.
As of December 2022, the VDP platform enabled the remediation of more than 1,000 vulnerabilities, some of which were identified in CISA’s Known Exploited Vulnerabilities Catalog. The service also helped the Department of Homeland Security detect 235 vulnerabilities when utilized in DHS’ pilot program for detecting computer bugs across 13 of its systems.
