Google Rolls out New Cybersecurity Initiatives to Improve Vulnerability Management
Recently, the search engine giant Google announced a number of cybersecurity initiatives targeted at improving the ecosystem for managing vulnerabilities and providing more transparency standards against exploitation. Incomplete vendor fixes are another source of security risks, and many of the zero-day vulnerabilities that are exploited in the field wind up being modified versions of already fixed flaws.
To eliminate whole classes of threats and prevent prospective attack pathways, it is necessary to address the core cause of the vulnerabilities and prioritize current safe software development practices. Along with Bugcrowd, HackerOne, Intel, Intigriti, and Luta Security, Google announced that it is establishing a Hacking Policy Council to “ensure new policies and regulations support best practices for vulnerability management and disclosure.”
Furthermore, in an announcement, Google said,
While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they’re known and fixed, which is the real story, Those risks span everything from lag time in OEM adoption, patch testing pain points, end user update issues, and more.
Google Launches New Cybersecurity Initiatives
Google emphasized that it is devoted to disclosing events to the public whenever it discovers evidence of active exploitation of vulnerabilities throughout its product line. The internet giant also announced the creation of a Security Research Legal Defence Fund, which will offer initial support for legal counsel for anyone conducting research in good faith to identify and report vulnerabilities in a way that promotes cybersecurity.
The objective is to break free from the “doom loop” of vulnerability patching and threat mitigation, according to the business, by “focusing on the fundamentals of secure software development, good patch hygiene, and designing for security and ease of patching from the start.”
Google’s most recent security initiative emphasizes the need to look beyond zero-day vulnerabilities by making exploitation difficult in the first place, driving patch adoption for known vulnerabilities in a timely manner, establishing policies to address product life cycles, and informing users when products are actively exploited.
Check out which App Are Used For Hacking Wifi on Android Phones.
Additionally, it helps to emphasize how crucial it is to use secure-by-design principles at every stage of the software development lifecycle.
Check out? Opera Brings Free VPN to iOS to Rival Google and Apple’s Paid Services.
PTA Taxes Portal
Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal
Explore NowFollow us on Google News!