CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment | CISA
- by nlqip
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released joint guidance on Product Security Bad Practices, a part of CISA’s Secure by Design initiative. This joint guidance supplies an overview of exceptionally risky product security bad practices for software manufacturers who produce software in support of critical infrastructure or national critical functions.
The bad practices presented in this guidance are organized into three categories: product properties, security features, and organizational processes and policies. This guidance contains brief information about specific bad practices, recommended actions, and additional resources. While this guidance is intended for software manufacturers who develop software products and services in support of critical infrastructure, all software manufacturers are strongly encouraged to avoid these product security bad practices.
CISA and FBI urge software manufacturers to reduce customer risk by prioritizing security throughout the product development process. For more information and resources, visit CISA.gov/SecureByDesign.
The public comment period begins today and concludes on December 2, 2024. During the comment period, members of the public can provide comments and feedback via the Federal Register.
Source link
lol
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released joint guidance on Product Security Bad Practices, a part of CISA’s Secure by Design initiative. This joint guidance supplies an overview of exceptionally risky product security bad practices for software manufacturers who produce software in support of critical infrastructure…
Recent Posts
- SolarWinds Web Help Desk flaw is now exploited in attacks
- US disrupts Anonymous Sudan DDoS operation, indicts 2 Sudanese brothers
- Canary Trap’s Bi-Weekly Cyber Roundup – Canary Trap
- Mass Layoffs At Intel Impact 2,000 Jobs in California, Oregon And Arizona
- Understand these seven password attacks and how to stop them