CISA selects Bugcrowd and EnDyna to launch its VDP platform

2021-06-08 23:45

The Cybersecurity and Infrastructure Security Agency, a federal agency of the US government, has selected Bugcrowd to launch its first federal civilian enterprise-wide crowdsourced vulnerability disclosure policy platform in support of Binding Operational Directive 20-01.

CISA will offer this VDP platform service to Federal Civilian Executive Branch agencies which will set a new precedent for federal civilian enterprise-wide security.

The VDP platform enables agencies to identify and monitor vulnerabilities in critical systems, by receiving security feedback from uniquely-skilled ethical hackers around the world.

Partnering with Bugcrowd, EnDyna is awarded a one year contract with four option years which will provide a key Software as a service component to CISA's VDP platform.

In addition to the CISA-funded VDP platform service, FCEB agencies can also accelerate digital transformation strategies and implement their own bug bounty programs from Bugcrowd and EnDyna, enabling them to ensure that security assessments become part of their software development lifecycle, also commonly called as "Shifting Left.".

"The need for cyber resilience and risk management is unprecedented in today's digitally connected world and the partnership between CISA and Bugcrowd provides the most powerful crowdsourced cybersecurity platform solution to address the government's growing need for contextually intelligent security assessments to protect its vast attack surface. We are honored to be the first crowdsourced cybersecurity vendor to work with CISA on an FCEB-wide proactive defense strategy through our VDP solution."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/202bsw1xHSY/

#bugcrowd #cisa