Software Development

Survey: Security Continues to be Major Factor for DevOps Platforms

Shifting left and other security measures are an important part of the development process and an increasing number of respondents are or intend to utilize this practice.

The Pentagon’s Plan to Speed Up Software Buying for Weapons Systems

The DOD’s dedicated software acquisition pathway is nearly two years old, and is already being used by a few dozen programs.

Data Gap Poses Risks for Launch Site of VA’s New Health Record

The commercial electronic health record system being introduced by the Department of Veterans Affairs is proving difficult and expensive to adapt to the agency’s data reporting requirements.

CISA Solicits Feedback on Finer Points of Coming Software Transparency Requirement

The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders. 

Federal CISO: Recommendations In to Acquisition Council for Software Procurement

Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self attestation versus third-party verification of vendor practices.

Critical Update: The Call for Greater Software Transparency is Louder than Ever

Agencies will soon be required to ask vendors for a software bill of materials—or SBOM—to help manage vulnerabilities like those found in the Log4J library, but much of its contents could still be open to negotiation.

Air Force software factory looks to unleash 'chaos' on civilian IT shops

The Kessel Run group is currently developing a playbook that would make it easier for organizations across the federal government to adopt engineering and security best practices.

Microsoft to Offer Its Office 365 Platform for Classified Workloads

Microsoft’s popular software-as-a-service offering is undergoing government review to ensure it can host some kinds of classified data.

Software Certification Could Get A Little Simpler Under Evolving DARPA Project

An effort worth millions, led by GE Research, could result in an automated assurance model.

The Next Big Quantum Leap May Require Better Software

The raw power of increasingly advanced quantum computers could necessitate advances in software to make sense of the noise.

NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order

The standards agency said an attestation from vendors themselves would be sufficient when screening for cybersecurity, unless an agency's risk calculus suggests otherwise.

Successful DevSecOps Starts With Trust, Government Experts Say

The pandemic forced new ways of thinking in government software development.

Air Force Chief Software Office Prepares ‘Big Questions’ for Next CSO

A bit has unfolded since the branch's first chief software officer, Nic Chaillan, left the government earlier this year.

Dev[SecAudCom]Ops—Not Really, But Don’t Overlook Audit and Compliance as Part of Security

The acronym for integrating security and agile development cycles may have gotten out of hand, officials say, but the core values are key to producing good software.

What Agencies Need to Do to Combat Shadow IT Driven by Cloud Sprawl  

Cloud sprawl happens when development teams spin up new cloud resources, forget about them, then move on to the next urgent task.