CISA inks 68 tech vendors to secure-by-design pledge — but will it matter?
- by nlqip
Some of the biggest names in the tech industry signed onto a public pledge, backed by the US Cybersecurity and Infrastructure Security Agency, promising to implement important software security measures in their products.
The CISA “Secure By Design” pledge outlines seven areas in which signatories are expected to make significant improvements. Multifactor authentication should be used by default, default passwords should be randomized or mandatorily changed on first use, and SQL injection attacks should be eliminated by, for example, enforcing parametrized queries. The pledge also asks signers to implement regular patching, vulnerability disclosure policies, transparent CVEs, and forensic data about intrusions.
Among large vendors who signed the pledge are Cisco, AWS, Google, IBM, Microsoft, Lenovo, and other mainstays of enterprise IT architectures.
Source link
lol
Some of the biggest names in the tech industry signed onto a public pledge, backed by the US Cybersecurity and Infrastructure Security Agency, promising to implement important software security measures in their products. The CISA “Secure By Design” pledge outlines seven areas in which signatories are expected to make significant improvements. Multifactor authentication should be…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA