CISA touts achievements of VDP program

Share This Post



More than 7,000 security flaws have been submitted to the Cybersecurity and Infrastructure Security Agency’s Vulnerability Disclosure Policy program in 2023, which is 132% higher than bugs submitted in 2022, when the program began, with valid disclosures and remediated flaws increasing by 82% and 78% last year, respectively, according to The Record, a news site by cybersecurity firm Recorded Future.

Aside from yielding nearly $4.45 million in average remediation expense savings, government agency participation in the VDP program was also linked to accelerated vulnerability submission validation efforts, a report from CISA revealed. “The VDP Platform offers agencies significant cost and time savings. While VDPs are a critical component of an agency’s vulnerability management process, implementation and management come with associated costs for agencies. Handling disclosed vulnerabilities, triaging reports, corresponding with security researchers, and collecting and reporting required metrics are all labor-intensive steps that draw agency resources away from prioritizing valid vulnerability submissions and coordinating remediation activities,” said CISA.



Source link

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Blogs

Mickey Mouse operation hacked by former employee

A disgruntled former Disney worker stands accused of illegally hacking the company’s systems and harassing its workers. Michael Scheuer, a former system administrator with the

Do You Want To Boost Your Business?

drop us a line and keep in touch