The Cybersecurity and Infrastructure Security Agency has released the first annual report on the progress of its Vulnerability Disclosure Policy platform. The report showed that since its inception in 2021, the VDP
More
Rep. Nancy Mace, R-S.C., has introduced a bill that would direct the Office of Management and Budget to update the Federal Acquisition Regulation to require federal contractors to implement vulnerability disclosure policies,
More
Rep. Ted Lieu, D-Calif., has introduced a bill that would task vendors to have their software products undergo vulnerability assessments by ethical hackers. The Improving Contractor Cybersecurity Act would impose compliance with
More
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has released a draft binding operational directive that would require federal agencies to have a vulnerability disclosure policy.
More
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency is updating its vulnerability disclosure policy and will seek public comments from industry and agency partners on the directive upon release, Federal News
More
The General Services Administration’s technology transformation service organization has released a new policy that seeks to help security researchers report cyber vulnerabilities in TTS-run systems. TTS issued the vulnerability disclosure policy in
More
The Defense Department has introduced a new policy that seeks to help computer security researchers detect and disclose cyber vulnerabilities in DoD websites and a “bug bounty†challenge that aims to authorize hackers to
More