Software Development

NASA Spent $35 Million on ‘Wasteful’ Software Licenses and Fees, Report Says

NASA’s current software management operations put it years away from achieving a centralized and consolidated enterprise computing model, according to its inspector general.

  • By Chris Riotta

Governments View Open Source as Critical for Enhancing Digital Services, Experts Say

The U.S. government is “still in the process of organizing and coordinating” its own strategy around the use of open source software, according to a CISA official.

  • By Edward Graham

Defense Logistics Agency to Shift Warehouse Management to Commercial Software

The agency wants to modernize its distribution and warehouse management systems but says it can’t do that with 20-year-old government-built technology.

  • By Aaron Boyd

The Federal Government is Moving on Memory Safety for Cybersecurity

The issue of how coding languages might support software developers’ management of memory has recently gotten attention from the National Security Council, the Cybersecurity and Infrastructure Security Agency and Congress.

  • By Mariam Baksh

Cyber Director’s Preview of National Strategy Highlights Federal Software Procurement

The national cyber director also indicated plans to rely on feedback from members of the software industry who are working on recommendations for “streamlining” sector-specific regulations.

  • By Mariam Baksh

The Federal Government is Pushing for Security-Aware Developers

But do official recommendations work in their world?

  • By Pieter Danhieux

Trade Org Urges OMB to ‘Harmonize’ Secure Software Development Practices

The Information Technology Industry Council asked OMB to clarify a memorandum that was creating challenges for software producers.

  • By Kirsten Errick

Latest Guidance Outlines Customer Responsibilities for Software Security

The guide provides recommendations throughout the product lifecycle, from procurement to deployment.

  • By Kirsten Errick

CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers

New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers.

  • By Mariam Baksh

Agencies Shouldn’t 'Just Trust' Software Vendors' Security Assurances, IG Warns

NIST advisors debating the merits of OMB’s policy on software vendors’ “self-attestation” to secure development practices found common ground on a need for audits and testing.

  • By Mariam Baksh

Senators’ Plan to Secure Open Source Software Involves Agencies Using More of It

The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source code.

  • By Mariam Baksh

Bipartisan Senate Bill Aims to Safeguard Open Source Software

The Securing Open Source Software Act would task the Office of Management and Budget with issuing guidance around the secure usage of open source software and give new oversight responsibilities to the Cybersecurity and Infrastructure Security Agency.

  • By Chris Riotta

Industry Objections Spur Changes to Cybersecurity Provisions in Defense Bill  

Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain.

  • By Mariam Baksh

OMB: New Acquisition Rule Coming for Vendors to Vouch for Their Software Security

Agencies are also allowed to accept to-do lists from vendors who need to keep working up to a point where they can self-attest their compliance with NIST guidance.

  • By Mariam Baksh
Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now

DOD Needs to Modernize its Software Architecture for Next-Gen Warfare, Report Says

A paper published by the Center for Strategic and International Studies calls for the U.S. military to modernize legacy warfighting systems in order to prepare for future conflicts.

  • By Edward Graham

New Guide to Secure Software Development Passes on Content but Fails on Communication, Industry Official Says

The lengthy document may miss its target audience altogether, one industry observer notes.

  • By Mariam Baksh

Survey: Security Continues to be Major Factor for DevOps Platforms

Shifting left and other security measures are an important part of the development process and an increasing number of respondents are or intend to utilize this practice.

  • By Kirsten Errick

The Pentagon’s Plan to Speed Up Software Buying for Weapons Systems

The DOD’s dedicated software acquisition pathway is nearly two years old, and is already being used by a few dozen programs.

  • By Lauren C. Williams

Data Gap Poses Risks for Launch Site of VA’s New Health Record

The commercial electronic health record system being introduced by the Department of Veterans Affairs is proving difficult and expensive to adapt to the agency’s data reporting requirements.

  • By Adam Mazmanian

CISA Solicits Feedback on Finer Points of Coming Software Transparency Requirement

The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders. 

  • By Mariam Baksh

Federal CISO: Recommendations In to Acquisition Council for Software Procurement

Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self attestation versus third-party verification of vendor practices.

  • By Mariam Baksh