vulnerability disclosure Archives

Chairwoman Nancy Mace (R-SC) speaks before a House hearing at the US Capitol on June 22, 2023 in Washington, DC. The House Committee on Oversight and Accountbility Subcommittee on Cybersecurity, Information Technology, and Government Innovation met to discuss the use of technology at the US Border, airports and military bases. (Photo by Tasos Katopodis/Getty Images)

Rep. Mace proposes new vulnerability disclosure rules for contractors

The Federal Cybersecurity Vulnerability Reduction Act will set requirements pushing federal contractors to employ vulnerability disclosure policies.

Aug 24, 2023 By Rebecca Heilweil

Ongoing bug-bounty pilot pinpoints many vulnerabilities in DOD’s cyberspace

Through Hack U.S., the Pentagon is offering cash rewards for exposures of digital weaknesses.

Jul 8, 2022 By Brandi Vincent

DOD expands vulnerability disclosure program to contracting base in pilot

Forty-one defense contractors in the small-to-medium-size range participated in a vulnerability disclosure pilot that resulted in 1,015 reports, of which 401 were validated by system owners for…

May 2, 2022 By Billy Mitchell

CISA, DHS, Department of Homeland Security, RSA 2019 — (Scoop News Group photo)

CISA launches platform to allow hackers to report flaws in federal tech

Agencies will use the shared service to receive security feedback from white-hat hackers around the world.

Jun 8, 2021 By Dave Nyczepir

Laying the terms for partnerships with ethical hackers

With the backing of CISA, federal civilian agencies can lean on the expertise of ethical hackers as part of their security strategy — but first they need…

Dec 7, 2020 By FedScoop Staff

cybersecurity incident, bug, vulnerability, malware — (Getty Images)

CISA’s first shared-services offering is delayed by protest

The award of the vulnerability disclosure policy (VDP) platform contract is under protest from HackerOne.

Nov 2, 2020 By Dave Nyczepir

CISA selects EnDyna for vulnerability disclosure platform shared service

The shared service is the first of three initial ones the agency will offer as a recently designated quality service management office.

Oct 2, 2020 By Dave Nyczepir

The Eisenhower Executive Office Building, which houses the Office of Management and Budget. (Wikimedia Commons)

The 4 federal shared services marketplaces are shaping up

The Department of Health and Human Services may soon be the latest QSMO, while the others have taken strides to build out their marketplaces.

Sep 17, 2020 By Dave Nyczepir

What one bug bounty platform’s FedRAMP authorization means for the industry

HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.

May 26, 2020 By Dave Nyczepir

vulnerability, file, folder, cloud — (Getty Images)

DHS conducting market research for cloud-based vulnerability disclosure platform

DHS wants "a software-as-a-service web application that serves as the primary point of entry for vulnerability reporters to alert the government of potential issues on federal information…

Jan 3, 2020 By Billy Mitchell