CISA Launches New Online Vulnerability Disclosure Platform; Cybersecurity Official Eric Goldstein Quoted

CISA Launches New Online Vulnerability Disclosure Platform; Cybersecurity Official Eric Goldstein Quoted
Eric Goldstein CISA

The Cybersecurity Infrastructure and Security Agency (CISA) has launched a new centrally managed website where security researchers and the public can report vulnerabilities on federal civilian systems.

The Vulnerability Disclosure Program Platform will enable agencies to work with the research community on identifying system weaknesses and improve their cybersecurity posture, Eric Goldstein, CISA's executive assistant director for cybersecurity, said Friday.

The sharing process works by researchers checking the integrity of systems listed by the participating agencies and submitting their findings on the platform. Service providers BugCrowd and EnDynma will then assess the reports initially before passing them to the government organizations.

According to CISA estimates, using the VDP Platform will save the government over $10 million. The departments of Homeland Security, Labor and the Interior already pledged to use the website once it becomes available.

You may also be interested in...

Cybersecurity

DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.