The Cybersecurity and Infrastructure Security Agency (CISA) has a new system to track weaknesses in government networks. The vulnerability disclosure policy (VDP) platform allows agencies to collaborate with the public to improve cybersecurity.
- Bob Bigman, founder of 2BSecure and former chief information security officer at the Central Intelligence Agency, said the system strengthens code in public-facing websites by opening up penetration testing and security scanning to more people, enabling different perspectives and tools.
- Bigman said the tool gives agencies reports on specific vulnerability types to add to their threat vulnerability assessment capability management systems, allowing them to fix and track issues.
- Bigman said it is necessary to have a skilled talent base inside an organization to understand the results identified by the bug trackers through the VDP platform.
