CISA has issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, to establish specific timeframes for federal civilian agencies to remediate vulnerabilities that are being actively exploited by known adversaries. To support this Directive, CISA has established a catalog of relevant vulnerabilities. This catalog will be updated regularly, and organizations can sign up for notifications when new vulnerabilities are added.
CISA strongly recommends that private businesses, industry, and state, local, tribal and territorial (SLTT) governments prioritize mitigation of vulnerabilities in CISA’s Directive and sign up for updates to the catalog.
CISA urges organizations to review BOD 22-01 and the Reducing the Significant Risk of Known Exploited Vulnerabilities fact sheet for more information.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.