| Developers: | Cybersecurity and Infrastructure Security Agency (CISA) |
| Date of the premiere of the system: | June 2021 g |
| Branches: | Information technologies |
| Technology: | IB - Security Information and Event Management (SIEM) |
2021: Launch of the state platform to inform the department about problems in IT systems
In early June 2021, the Cybersecurity and Infrastructure Security Agency (CISA) launched a vulnerability disclosure platform that will allow federal agencies to identify cybersecurity flaws using ethical hackers.
The Vulnerability Disclosure Platform (VDP) will be available to all civilian agencies under CISA supervision and is designed to enable government agencies to benefit from the skills of civilian cybersecurity experts known as white hackers.
The launch of the platform is designed to help agencies comply with the directive submitted by CISA in September 2020, which requires the development of a procedure for reporting cyber security flaws and clarifications on which types of security testing are allowed.
In accordance with the directive, agencies must also provide a system of anonymous reporting of vulnerabilities and commit themselves not to institute legal action against security research conducted with good intentions.
CISA does not comment on which agencies will join the VDP first, or on the timing of adaptation. The platform is administered by private contractors Bugcrowd and EnDyna through the CISA Cybersecurity Services Quality Management Office (QSMO).
Bugcrowd CEO Ashish Gupta noted that the platform will allow government agencies to accelerate the exchange of information about a large number of vulnerabilities. According to Gupta, in a similar program working with a large financial institution, Bugcrowd was able to identify a vulnerability that affected more than 250 domains and more than 5,000 URLs.
 | As we work to improve the basic level of cybersecurity in the executive branch of government, CISA will continue to work with federal agencies to provide them with the assistance they need to support cybersecurity efforts, including by quickly identifying and eliminating vulnerabilities, "said Eric Goldstein, assistant director of cybersecurity at CISA.[1] |  |
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |