Inside Cybersecurity

CISA launches investigation on eliminating recurring software vulnerabilities to boost secure by design adoption

By Jacob Livesay / January 5, 2024

The Cybersecurity and Infrastructure Security Agency is working to eliminate software vulnerabilities that have known mitigations, as part of the agency’s work to further the adoption of its secure by design principles.

“In the news, we frequently see examples of software vulnerabilities for which effective mitigations have been available for years, or even decades. Examples include hard-coded credentials, SQL injection vulnerabilities, and directory path traversal vulnerabilities,” CISA said in a Dec. 20 request for information.

The RFI dives into...

