THREAT OPS › Threat News › CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive
CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive
<p>CISA issued BOD 26-04, which replaces BOD 22-01 with a four-variable vulnerability prioritization model requiring federal agencies to patch the most dangerous vulnerabilities in as few as three days.</p><div class="blog-see-also"><div class="col-sm-12"><h2><strong>Key takeaways</strong></h2><ol><li>BOD 26-04 replaces BOD 22-01 with a four-variable risk model that assigns graduated remediation t
MITRE ATT&CK techniques
Indicators of compromise
- https://www.whitehouse.gov/presidential-actions/2026/06/promoting-advanced-artificial-intelligence-innovation-and-security/url
- https://connect.tenable.com/category/news-you-need/discussions/vulnerability-watchurl
- https://www.verizon.com/business/resources/reports/dbir/url