Vulnerability disclosure policies eyed for federal contractors in Senate bill | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/federal-contractor-vulnerability-disclosure-policies-senate-bil\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Vulnerability disclosure policies eyed for federal contractors in Senate bill\"> <meta property=\"og:description\" content=\"The legislation from Sens. Warner and Lankford would require federal contractors to adhere to NIST\u2019s guidelines on VDPs.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/federal-contractor-vulnerability-disclosure-policies-senate-bil\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-08-13T13:50:21+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg\"> <meta property=\"og:image:width\" content=\"1024\"> <meta property=\"og:image:height\" content=\"683\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"mbracken\"> <meta name=\"twitter:card\" content=\"summary_large_image\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1721926675g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1721767167g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1721764637g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ada0ad45b21fc79c6694\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/81390\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.6.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=81390\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Ffederal-contractor-vulnerability-disclosure-policies-senate-bil%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Ffederal-contractor-vulnerability-disclosure-policies-senate-bil%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-81390 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/federal-contractor-vulnerability-disclosure-policies-senate-bil\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.952380952381\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2024 CyberScoop 50 awards! <\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/vote\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.078326180258\">\n<div class=\"single-article__header-content\" readability=\"29.646341463415\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> The legislation from Sens. Warner and Lankford would require federal contractors to adhere to NIST\u2019s guidelines on VDPs. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-4.jpg?resize=1012,675 1012w\" sizes=\"(max-width: 1012px) 100vw, 1012px\"><figcaption> Sen. Mark Warner, D-Va., speaks during a press conference in Washington, D.C., on March 20, 2018. From left, Sens. John Cornyn, James Lankford, Susan Collins and Richard Burr listen. (NICHOLAS KAMM\/AFP via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"31.870728929385\"><body readability=\"64.655760054533\"><\/p>\n<p>Federal contractors would be required to implement vulnerability disclosure policies that align with National Institute of Standards and Technology guidelines under a bipartisan Senate bill introduced last week.<\/p>\n<p>The <a href=\"https:\/\/www.warner.senate.gov\/public\/_cache\/files\/2\/9\/29d0d750-7d07-483c-9e99-05ab0bf1e106\/6357F78535F0225EC8B48773E2BDDB98.dav24b77.pdf\">Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024<\/a> from Sens. Mark Warner, D-Va., and James Lankford, R-Okla., is a companion to legislation from Rep. Nancy Mace, R-S.C., which was <a href=\"https:\/\/mace.house.gov\/media\/press-releases\/rep-maces-federal-cybersecurity-vulnerability-reduction-act-passes-house#:~:text=The%20bill%2C%20which%20was%20introduced,Vulnerability%20Disclosure%20Policies%20(VDP).\">advanced by the House Oversight Committee in May<\/a>.<\/p>\n<p>The bill from Warner and Lankford on vulnerability disclosure policies (VDPs) aims to create a structure for contractors to receive reports of vulnerabilities in their products and then act against them before an attack occurs.<\/p>\n<p>\u201cVDPs are a crucial tool used to proactively identify and address software vulnerabilities,\u201d Warner <a href=\"https:\/\/www.warner.senate.gov\/public\/index.cfm\/pressreleases?id=277E9745-B3FA-400B-98D0-4395C1A75B50\">said in a statement<\/a>. \u201cThis legislation will ensure that federal contractors, along with federal agencies, are adhering to national guidelines that will better protect our critical infrastructure, and sensitive data from potential attacks.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While current federal law requires civilian agencies to have VDPs, there is no such standard for federal contractors. The bill would address that discrepancy by instituting a requirement for contractors and mandating that they accept, assess, and manage the vulnerability reports they receive. <\/p>\n<p>\u201cFederal agencies and contractors must be quickly made aware of cyber vulnerabilities, so they can resolve them,\u201d Lankford said in a statement. \u201cBy strengthening cybersecurity efforts, contractors and agencies can keep their focus on serving the American people and keep data and systems safe from cybercrimes and hacking.\u201d<\/p>\n<p>A <a href=\"https:\/\/www.warner.senate.gov\/public\/_cache\/files\/3\/f\/3f6625dc-09b1-4cf1-809a-015a3baf3718\/B66CD4E645A5A5730A15B0C90F3E6989.federal-contractor-cybersecurity-vulnerability-reduction-act-one-pager.pdf\">fact sheet accompanying the release of the bill<\/a> referenced the 2015 <a href=\"https:\/\/cyberscoop.com\/tag\/opm-breach\/\">Office of Personnel Management data breach<\/a>, that was made possible by vulnerabilities in systems used by two contractors that stored data on federal employee background checks. This legislation, the fact sheet noted, would ensure that \u201cgood-faith security researchers\u201d can reach out directly to federal contractors without having to provide additional reporting to an agency.<\/p>\n<p>The bill would require the Office of Management and Budget to spearhead Federal Acquisition Regulation updates, a move intended to guarantee that contractors\u2019 VDPs align with current federal agency requirements. The Secretary of Defense would have the same obligations for Defense Federal Acquisition Regulation Supplement contract standards. <\/p>\n<p>The press release announcing the legislation included statements of support from Palo Alto Networks and HackerOne, whose chief legal and policy officer, Ilona Cohen, said the bill \u201caddresses a critical gap\u201d in U.S. cybersecurity.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThis proactive approach to security will ensure that businesses are actively protecting government systems, critical infrastructure, and sensitive data from exploitation by malicious actors,\u201d she said.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"4.2201039861352\">\n<div class=\"author-card\" readability=\"15\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.jpg?w=640&ssl=1\" alt=\"Matt Bracken\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Bracken<\/h4>\n<p> Matt Bracken is the managing editor of FedScoop and CyberScoop, overseeing coverage of federal government technology policy and cybersecurity. Before joining Scoop News Group in 2023, Matt was a senior editor at Morning Consult, leading data-driven coverage of tech, finance, health and energy. He previously worked in various editorial roles at The Baltimore Sun and the Arizona Daily Star. You can reach him at matt.bracken@scoopnewsgroup.com. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<div class=\"popular-stories__stories\">\n<div class=\"popular-stories__cards\">\n<article class=\"post-item post-item--popular-stories-cards \" readability=\"20.65963060686\">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/senate-homeland-security-streamlining-cyber-regulations-bills\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"600\" height=\"331\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill.png?resize=600%2C331&ssl=1\" class=\"attachment-ratio-16-9-md size-ratio-16-9-md wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png 2750w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=300,166 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=768,424 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=1024,565 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=1536,848 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=2048,1130 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=600,331 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=1200,662 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-1.png?resize=1500,828 1500w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\"> <\/a><figcaption class=\"screen-reader-text\"> Sen. Gary Peters, D-Mich., holds a Senate Homeland Security and Governmental Affairs business meeting on July 31, 2024, in Washington, D.C. (Screenshot) <\/figcaption><\/figure>\n<header class=\"post-item__meta\" readability=\"2.4247787610619\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/senate-homeland-security-streamlining-cyber-regulations-bills\/\"> Cyber bills on federal regs, health security and workforce clear Senate panel <\/a> <\/h3>\n<p> Committee members voted 10-1 to advance all three bipartisan pieces of legislation, setting the stage for full Senate consideration. <\/p>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/matt-bracken\/\"> Matt Bracken <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/cybersecurity-regulations-harmonization-federal-agencies-senate-bill\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-2.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-5.jpg?resize=1012,675 1012w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> Sen. Gary Peters, D-Mich., speaks during a Senate Homeland Security and Governmental Affairs Committee hearing on March 25, 2021 on Capitol Hill in Washington, D.C. (Photo by Astrid Riecken\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/cybersecurity-regulations-harmonization-federal-agencies-senate-bill\/\"> Bipartisan Senate bill takes aim at \u2018overly burdensome\u2019 cybersecurity regs <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/matt-bracken\/\"> Matt Bracken <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/election-administrators-ai-house-senate-bill\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-3.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill-6.jpg?resize=1012,675 1012w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> Rep. Chrissy Houlahan (D-Pa.) speaks during a press conference on new legislation at the U.S. Capitol Building on Jan. 27, 2023 in Washington, D.C. (Photo by Anna Moneymaker\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/election-administrators-ai-house-senate-bill\/\"> Bipartisan House bill aims to prepare election workers for AI <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/matt-bracken\/\"> Matt Bracken <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/federal-contractor-vulnerability-disclosure-policies-senate-bil\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability disclosure policies eyed for federal contractors in Senate bill<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[78,1585,2467,2468,703],"tags":[86,1589,2469,2470,705],"class_list":["post-4829","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-national-institute-of-standards-and-technology-nist","category-opm-breach","category-vdp","category-vulnerability-disclosure","tag-cybersecurity","tag-national-institute-of-standards-and-technology-nist","tag-opm-breach","tag-vdp","tag-vulnerability-disclosure"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/national-institute-of-standards-and-technology-nist\/\" rel=\"category tag\">National Institute of Standards and Technology (NIST)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/opm-breach\/\" rel=\"category tag\">OPM breach<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vdp\/\" rel=\"category tag\">vdp<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability-disclosure\/\" rel=\"category tag\">vulnerability disclosure<\/a>","tag_info":"vulnerability disclosure","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4829","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4829"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4829\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":4829,"date":"2024-08-13T08:50:21","date_gmt":"2024-08-13T13:50:21","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81390"},"modified":"2024-08-13T08:50:21","modified_gmt":"2024-08-13T13:50:21","slug":"vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/08\/13\/vulnerability-disclosure-policies-eyed-for-federal-contractors-in-senate-bill\/","title":{"rendered":"Vulnerability disclosure policies eyed for federal contractors in Senate bill"},"content":{"rendered":"