Earlier this month CISA issued a binding operational directive ordering civilian agencies to remove any “networked management devices" from the open internet within two weeks.

Departments must apply a patch for the vulnerability to all Windows endpoints by July 22.

Agencies will use the shared service to receive security feedback from white-hat hackers around the world.

HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.

The congressional watchdog took a close look at implementation of the binding operational directives (BODs) that DHS issued to civilian agencies through December 2018.

U.S. CISO Grant Schneider says the government "should be setting the example for how organizations should look at cybersecurity."

DHS’s Cybersecurity and Infrastructure Security Agency now gives agencies 15 days after discovery to fix vulnerabilities deemed critical.