Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.CISA Releases Binding Operational Directive on Vulnerability Remediation
The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 19-02, Vulnerability Remediation Requirements for Internet-Accessible Systems. BOD 19-02 requires federal agencies to ensure effective and timely remediation of critical and high vulnerabilities.
CISA encourages users and administrators to review the CISA blog post on the BOD 19-02 release. Federal agencies should review BOD 19-02 for required actions and reporting procedures.
This product is provided subject to this Notification and this Privacy & Use policy.