National Cyber Warfare Foundation (NCWF) Forums


CISA Announces Vulnerability Disclosure Policy (VDP) Platform


0 user ratings
2021-07-30 14:10:34
milo
Blue Team (CND)
Original release date: July 30, 2021

CISA has announced the establishment of its Vulnerability Disclosure Policy (VDP) Platform for the federal civilian enterprise, which will allow the Federal Civilian Executive Branch to coordinate with the civilian security research community in a streamlined fashion. The VDP Platform provides a single, centrally managed website that agencies can leverage as the primary point of entry for intaking, triaging, and routing vulnerabilities disclosed by researchers. It enables researchers and members of the general public to find vulnerabilities in agency websites and submit reports for analysis.



This new platform allows agencies to gain greater insights into potential vulnerabilities, which will improve their cybersecurity posture. This approach also means  agencies no longer need to develop separate systems to enable vulnerability reporting  and triage of identified vulnerabilities, providing government-wide cost savings that CISA estimates at over $10 million.



For more details, see the blog post by CISA’s Executive Assistant Director for Cybersecurity, Eric Goldstein.



This product is provided subject to this Notification and this Privacy & Use policy.





CISA Announces Vulnerability Disclosure Policy (VDP) Platform
https://us-cert.cisa.gov/ncas/current-activity/2021/07/30/cisa-announces-vulnerability-disclosure-policy-vdp-platform
Original release date: July 30, 2021

CISA has announced the establishment of its Vulnerability Disclosure Policy (VDP) Platform for the federal civilian enterprise, which will allow the Federal Civilian Executive Branch to coordinate with the civilian security research community in a streamlined fashion. The VDP Platform provides a single, centrally managed website that agencies can leverage as the primary point of entry for intaking, triaging, and routing vulnerabilities disclosed by researchers. It enables researchers and members of the general public to find vulnerabilities in agency websites and submit reports for analysis.



This new platform allows agencies to gain greater insights into potential vulnerabilities, which will improve their cybersecurity posture. This approach also means  agencies no longer need to develop separate systems to enable vulnerability reporting  and triage of identified vulnerabilities, providing government-wide cost savings that CISA estimates at over $10 million.



For more details, see the blog post by CISA’s Executive Assistant Director for Cybersecurity, Eric Goldstein.



This product is provided subject to this Notification and this Privacy & Use policy.




Fri, 30 Jul 2021 11:04:32 +0000
CISA
16806 at https://us-cert.cisa.gov

Source: CISA Current Activity
Source Link: https://us-cert.cisa.gov/ncas/current-activity/2021/07/30/cisa-announces-vulnerability-disclosure-policy-vdp-platform


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)



© Copyright 2012 through 2021 - National Cyber Warfare Foundation - All rights reserved worldwide.