vulnerability disclosure

Laying the terms for partnerships with ethical hackers

by • 2 months ago

With the backing of CISA, federal civilian agencies can lean on the expertise of ethical hackers as part of their security strategy — but first they need a VDP agreement.

CISA’s first shared-services offering is delayed by protest

by • 3 months ago

The award of the vulnerability disclosure policy (VDP) platform contract is under protest from HackerOne.

CISA selects EnDyna for vulnerability disclosure platform shared service

by • 4 months ago

The shared service is the first of three initial ones the agency will offer as a recently designated quality service management office.

The 4 federal shared services marketplaces are shaping up

by • 4 months ago

The Department of Health and Human Services may soon be the latest QSMO, while the others have taken strides to build out their marketplaces.

What one bug bounty platform’s FedRAMP authorization means for the industry

by • 8 months ago

HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.

DHS conducting market research for cloud-based vulnerability disclosure platform

by • 1 year ago

DHS wants "a software-as-a-service web application that serves as the primary point of entry for vulnerability reporters to alert the government of potential issues on federal information systems for those agencies that participate in the platform."

TwitterFacebookLinkedInRedditGoogle Gmail