CISA Releases Draft of Binding Operational Directive on Developing a Vulnerability Disclosure Policy

Original release date: December 2, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft of Binding Operational Directive (BOD) 20-01, Develop and Publish a Vulnerability Disclosure Policy. BOD 20-01 will require each federal agency to publish a vulnerability disclosure policy (VDP). CISA has posted the draft directive for public feedback. The deadline for submitting comments is 11:59 PM EST on December 27, 2019.

CISA encourages users and administrators to review the CISA blog post, Improving Vulnerability Disclosure Together, and draft BOD 20-01 for more information. CISA encourages feedback on draft BOD 20-01 from individuals with personal or institutional expertise in vulnerability disclosure and from organizations that have a VDP and manage coordinated vulnerability disclosures.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next Cyber Monday: Tips for Safeguarding Personal Information »

Previous « Caller Poses as CISA Rep in Extortion Scam

This website uses cookies.

CISA Releases Draft of Binding Operational Directive on Developing a Vulnerability Disclosure Policy

Recent Posts

Cisco IOS SNMP Message Handling Vulnerability

Vulnerabilities in TCP

CVS Heap Overflow Vulnerability

SQL Injection Vulnerabilities in Oracle E-Business Suite

Cross-Domain Vulnerability in Internet Explorer

Cross-Domain Redirect Vulnerability in Internet Explorer