The Cybersecurity and Infrastructure Security Agency (CISA) reported that its Vulnerability Disclosure Policy (VDP) platform has helped agencies uncover and address more than 1,000 bugs through December 2022. […]

The National Institute of Standards and Technology (NIST) on May 24, released the final guideline version on how agencies should manage their vulnerability disclosure for information systems within the Federal government. […]

Federal agencies are remediating critical and high vulnerabilities in their IT systems within the allotted time frame only about half the time, according to figures within the Department of Homeland Security’s (DHS) fiscal year 2020 congressional budget justification. […]

A new binding operational directive (BOD) from the Department of Homeland Security (DHS) released Monday, April 29, requires agencies to remediate critical vulnerabilities identified by the Cybersecurity and Infrastructure Security Agency (CISA) within 15 days of detection, a reduction from 30 days. […]