The Cybersecurity and Infrastructure Security Agency (CISA), through its Vulnerability Disclosure Policy (VDP) platform, has helped save an estimated average of $4.45 million in potential remediation costs for critical and severe vulnerabilities across the Federal government. […]
A bipartisan pair of senators today announced their plan to introduce companion legislation to strengthen Federal cybersecurity by requiring government contractors to implement vulnerability disclosure policies (VDPs). […]
Rep. Ted Lieu, D-Calif., on Aug. 29 reintroduced his Improving Contractor Cybersecurity Act, which aims to require vendors that wish to do business with the United States government to maintain vulnerability disclosure policies (VDP) and programs. […]
The Cybersecurity and Infrastructure Security Agency (CISA) reported that its Vulnerability Disclosure Policy (VDP) platform has helped agencies uncover and address more than 1,000 bugs through December 2022. […]
In light of rising software supply chain security attacks, Rep. Nancy Mace, R-S.C., introduced new legislation today that aims to help Federal contractors identify and fix software vulnerabilities before adversaries can exploit them. […]
Last fall, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) announced a binding operational directive (BOD) requiring the Federal government to develop and publish vulnerability disclosure policies (VDP). CISA announced today it has chosen vendors for its VDP platform. […]
Rep. Ted Lieu, D-Ca., introduced a bill on June 1 that looks to improve the cybersecurity infrastructure of government contractors, his office announced. The Improving Contractor Cybersecurity Act would require any vendor looking to do business with the Federal government to have vulnerability disclosure policies (VDP) in place. […]
The Department of Defense’s (DoD) Cyber Crime Center (DC3) is launching a pilot program for Defense Industrial Base (DIB) companies to participate in their Vulnerability Disclosure Program (VDP), which shares vulnerability data and aims to improve cyber hygiene. […]