CISA inks 68 tech vendors to secure-by-design pledge — but will it matter?
- by nlqip
Some of the biggest names in the tech industry signed onto a public pledge, backed by the US Cybersecurity and Infrastructure Security Agency, promising to implement important software security measures in their products.
The CISA “Secure By Design” pledge outlines seven areas in which signatories are expected to make significant improvements. Multifactor authentication should be used by default, default passwords should be randomized or mandatorily changed on first use, and SQL injection attacks should be eliminated by, for example, enforcing parametrized queries. The pledge also asks signers to implement regular patching, vulnerability disclosure policies, transparent CVEs, and forensic data about intrusions.
Among large vendors who signed the pledge are Cisco, AWS, Google, IBM, Microsoft, Lenovo, and other mainstays of enterprise IT architectures.
Source link
lol
Some of the biggest names in the tech industry signed onto a public pledge, backed by the US Cybersecurity and Infrastructure Security Agency, promising to implement important software security measures in their products. The CISA “Secure By Design” pledge outlines seven areas in which signatories are expected to make significant improvements. Multifactor authentication should be…
Recent Posts
- Exploit code released for critical Ivanti RCE flaw, patch now
- Amazon CEO: New Return-To-Office Policy Will ‘Require Some Adjustments’
- Microsoft rolls out Office LTSC 2024 for Windows and Mac
- New Microsoft Copilot Update Wave Focuses On Page, App Integration, Agents
- Here’s How Four MSPs Are Helping Clients Navigate AI