Senators Mark Warner and James Lankford introduced a bipartisan bill that would require federal contractors to implement vulnerability disclosure policies (VDPs), which are vital for addressing software vulnerabilities.
Warner emphasized that 'vulnerability disclosure policies are a crucial tool used to proactively identify and address software vulnerabilities.' This legislation aims to protect critical infrastructure.
Federal agencies are currently required by law to have VDPs, but no standard exists for contractors, prompting the need for legislation to formalize vulnerability assessment processes.
According to Ilona Cohen from HackerOne, the bipartisan support for the legislation creates significant momentum for its inclusion in the National Defense Authorization Act this year.