Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new security section to req links page #3456

Closed
RachelF opened this issue Dec 2, 2020 · 3 comments · Fixed by #3778
Closed

Add new security section to req links page #3456

RachelF opened this issue Dec 2, 2020 · 3 comments · Fixed by #3778
Assignees
@afeijoo @saracope @ToniBonittoGSA
Labels
feedback

Comments

@RachelF
Copy link
Contributor

RachelF commented Dec 2, 2020

URL / Link to page

Update https://digital.gov/resources/required-web-content-and-links/?dg

Tell us how we can make this page better

DHS issued a new binding operational directive in Sept 2020 requiring agencies to create a new agency.gov/vulnerability-disclosure-policy page.
We'll need to add guidance for agencies on how to implement this directive.

The DHS BOD 20-01 page (https://cyber.dhs.gov/bod/20-01/) contains the implementation instructions.

Also coordinate w/USWDS team so they can update the Identifier component.
@GSA GSA deleted a comment from github-actions bot Apr 5, 2021
@RachelF
Copy link
Contributor Author

RachelF commented Apr 5, 2021

Security

Agencies must have a way for the public to report potential security vulnerabilities, and explain how the agency will respond to such reports.

  • Ensure your site's Security Contact and Organization are current in the .gov registrar
  • Publish a vulnerability disclosure policy at [agency].gov/vulnerability-disclosure-policy

Suggested link text:

  • Vulnerability Disclosure Policy

Required on:

  • Your website policies page

Required by:

  • Department of Homeland Security (DHS) Binding Operational Directive 20-01

POLICY
DHS Binding Operational Directive 20-01

@RachelF
Copy link
Contributor Author

RachelF commented Apr 5, 2021

@saracope @ToniBonittoGSA Sorry, I forgot to tag you when I originally opened this. We need to add a new section to the Req Links page. Feel free to edit what I've suggested and let me know if you need anything else.

@afeijoo
Copy link
Contributor

afeijoo commented Apr 7, 2021

LGTM

@saracope saracope mentioned this issue Apr 8, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@afeijoo afeijoo

@saracope saracope

@ToniBonittoGSA ToniBonittoGSA

Labels
feedback
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add info on BOD 20-01 GSA/digitalgov.gov
4 participants
@afeijoo @saracope @RachelF @ToniBonittoGSA