Open Source

Hackers Connected to China Have Compromised U.S. Government Systems, CISA says

Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.

CISA Warns of Vulnerabilities in Popular Domain Name System Software 

Security advisories note attackers could remotely exploit flaws to cause a denial of service.

Open-Source Project Aims to Broaden Access to Early Alerts for Earthquakes 

Using internet of things devices and open-source standards, developers and citizen scientists can help monitor earthquake activity, deliver alerts in moments of risk—and more. 

NTIA to Host Proof-of-Concept Summit in Software Transparency Effort

More agencies are starting to ask suppliers for a software bill of materials in building a foundation for better, faster cybersecurity.

The Air Force’s Latest GPS Alternative: Earth’s Magnetic Fields

Officials just launched a public challenge to help create the artificial intelligence needed to turn the planet’s magnetic fields into readable maps.

Industry Calls on Government to Invest Billions for Developing Secure 5G Networks 

Comments to the NTIA also say the administration shouldn’t choose winners and losers to compete with Chinese telecoms giant Huawei.

State Department Harnesses Data to Help Bring Americans Home Safely During the Pandemic

The agency turned to data-focused teams and products to help decision-makers prioritize options.

18F Launches New Portfolio to Target Defense and Intelligence Agencies

The government’s digital consultancy shop has gained some experience in defense and national security issues and has built a new service line to focus on those agencies.

Sensitive Data Must Be Protected. That Doesn’t Mean It Can’t Also Be Used.

Two promising tools may allow agencies to share data while maintaining privacy and security requirements.

3 Ways Open Source is Accelerating Geoint for Defense Missions

For starters, collaborative tools can bring intelligence, private sector and academic communities into challenges.

Local Election Officials Can Get Free Election Auditing Software from the Feds

The open-source software is already being piloted in at least six states and officials say it can help authenticate results in 2020.

EPA Rule Will Make Its Custom Code Open Source By Default

As part of the new policy, EPA will create an enterprise code inventory to classify the extent to which all custom-built software will be shared with other agencies and the general public.

Senate Bill Would Open Some Weather Agency Models to the Public

The bill would require the National Oceanic and Atmospheric Administration to share more weather modeling data with third parties and review possible innovations.

Achieving DevSecOps Success Depends More on Trust than Tooling

Let’s explore what’s behind the cultural clash between the development, security and operations teams.

Energy is Updating Its Cyber Posture Assessment Tool  

The Cybersecurity Capability Maturity Model helps organizations in government and industry assess how their cyber defenses stack up against established standards.

DHS Funds Research to Improve Software Security Analysis

The Science and Technology Directorate awarded a contract to standardize the process for evaluating static analysis tools, which agencies use to hunt for bugs in their IT systems.

Report: Code Responsible for Equifax Breach Downloaded 21 Million Times Last Year

The situation highlights the challenge of securing open source software, which underlies virtually every IT system in government.