Bill requiring federal contractors to have vulnerability disclosure policies gets House redo

Reps. Nancy Mace and Shontel Brown reintroduced VDP legislation after the 2024 bipartisan, bicameral bill didn’t get a full Senate vote.

The post Bill requiring federal contractors to have vulnerability disclosure policies gets House redo appeared first on CyberScoop.


Vulnerability disclosure policy bill for federal contractors clears Senate panel

The Homeland Security and Governmental Affairs Committee on Wednesday also advanced legislation to strengthen the federal IT supply chain.

The post Vulnerability disclosure policy bill for federal contractors clears Senate panel appeared first on CyberScoop.



Vulnerability disclosure policies eyed for federal contractors in Senate bill

The legislation from Sens. Warner and Lankford would require federal contractors to adhere to NIST’s guidelines on VDPs.

The post Vulnerability disclosure policies eyed for federal contractors in Senate bill appeared first on CyberScoop.


Lawmaker Wants Federal Contractors to Have Vulnerability Disclosure Policies 

Congresswoman Nancy Mace has introduced a bill that would require federal contractors to have a Vulnerability Disclosure Policy (VDP).

The post Lawmaker Wants Federal Contractors to Have Vulnerability Disclosure Policies appeared first on SecurityWeek.

Empowering the next generation of Android Application Security Researchers

Posted by Jon Bottarini, Security Program Manager & Lena Katib, Strategic Partnerships Manager

The external security researcher community plays an integral role in making the Google Play ecosystem safe and secure. Through this partnership with the commu…

How the Pandemic is Reshaping the Bug-Bounty Landscape

Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.

Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

At SAS@Home, Luta Security CEO Katie Moussouris stressed that bug bounty programs aren’t a ‘silver bullet’ for security teams.

It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws.