October 7, 2025
CISA launches investigation on eliminating recurring software vulnerabilities to boost secure by design adoption
The Cybersecurity and Infrastructure Security Agency is working to eliminate software vulnerabilities that have known mitigations, as part of the agency’s work to further the adoption of its secure by design principles.
“In the news, we frequently see examples of software vulnerabilities for which effective mitigations have been available for years, or even decades. Examples include hard-coded credentials, SQL injection vulnerabilities, and directory path traversal vulnerabilities,” CISA said in a Dec. 20 request for information.
The RFI dives into...