Reblogged by slightlyoff@toot.cafe ("Alex Russell"):
boblord@infosec.exchange ("Bob Lord 🔐 :donor:") wrote:
As part of our Secure by Design initiative, we're looking further "left of boom" to understand how security defects occur in the software manufacturing process and what the software manufacturers can do to eliminate recurring problems.
To that end, today we are launching a new series of products: Secure by Design Alerts. When we see a vulnerability or intrusion campaign that could have been reasonably avoided if the software manufacturer had aligned to secure by design principles, we’ll call it out.
Read more about this announcement here:
https://www.cisa.gov/news-events/news/cisa-announces-secure-design-alert-series-how-vendor-decisions-can-reduce-harm-global-scale
and at our main secure by design portal:
https://www.cisa.gov/securebydesign