The Office of Management and Budget (OMB) released draft guidance for Federal agencies on vulnerability disclosure that would require clear vulnerability disclosure policies and create a Federal-wide strategy for implementation. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released a draft version of Binding Operational Directive (BOD) 20-01, which would require Federal agencies to establish a vulnerability disclosure policy for internet-connected systems. […]