Software Development

Bipartisan Senate Bill Aims to Safeguard Open Source Software

The Securing Open Source Software Act would task the Office of Management and Budget with issuing guidance around the secure usage of open source software and give new oversight responsibilities to the Cybersecurity and Infrastructure Security Agency.

  • By Chris Riotta

Industry Objections Spur Changes to Cybersecurity Provisions in Defense Bill  

Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain.

  • By Mariam Baksh

OMB: New Acquisition Rule Coming for Vendors to Vouch for Their Software Security

Agencies are also allowed to accept to-do lists from vendors who need to keep working up to a point where they can self-attest their compliance with NIST guidance.

  • By Mariam Baksh

DOD Needs to Modernize its Software Architecture for Next-Gen Warfare, Report Says

A paper published by the Center for Strategic and International Studies calls for the U.S. military to modernize legacy warfighting systems in order to prepare for future conflicts.

  • By Edward Graham

New Guide to Secure Software Development Passes on Content but Fails on Communication, Industry Official Says

The lengthy document may miss its target audience altogether, one industry observer notes.

  • By Mariam Baksh

Survey: Security Continues to be Major Factor for DevOps Platforms

Shifting left and other security measures are an important part of the development process and an increasing number of respondents are or intend to utilize this practice.

  • By Kirsten Errick

The Pentagon’s Plan to Speed Up Software Buying for Weapons Systems

The DOD’s dedicated software acquisition pathway is nearly two years old, and is already being used by a few dozen programs.

  • By Lauren C. Williams

Data Gap Poses Risks for Launch Site of VA’s New Health Record

The commercial electronic health record system being introduced by the Department of Veterans Affairs is proving difficult and expensive to adapt to the agency’s data reporting requirements.

  • By Adam Mazmanian

CISA Solicits Feedback on Finer Points of Coming Software Transparency Requirement

The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders. 

  • By Mariam Baksh

Federal CISO: Recommendations In to Acquisition Council for Software Procurement

Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self attestation versus third-party verification of vendor practices.

  • By Mariam Baksh

Critical Update: The Call for Greater Software Transparency is Louder than Ever

Agencies will soon be required to ask vendors for a software bill of materials—or SBOM—to help manage vulnerabilities like those found in the Log4J library, but much of its contents could still be open to negotiation.

  • By Mariam Baksh

Air Force software factory looks to unleash 'chaos' on civilian IT shops

The Kessel Run group is currently developing a playbook that would make it easier for organizations across the federal government to adopt engineering and security best practices.

  • By Lauren C. Williams

Microsoft to Offer Its Office 365 Platform for Classified Workloads

Microsoft’s popular software-as-a-service offering is undergoing government review to ensure it can host some kinds of classified data.

  • By Frank Konkel

Software Certification Could Get A Little Simpler Under Evolving DARPA Project

An effort worth millions, led by GE Research, could result in an automated assurance model.

  • By Brandi Vincent
Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now

The Next Big Quantum Leap May Require Better Software

The raw power of increasingly advanced quantum computers could necessitate advances in software to make sense of the noise.

  • By John Breeden II

NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order

The standards agency said an attestation from vendors themselves would be sufficient when screening for cybersecurity, unless an agency's risk calculus suggests otherwise.

  • By Mariam Baksh

Successful DevSecOps Starts With Trust, Government Experts Say

The pandemic forced new ways of thinking in government software development.

  • By Patience Wait

Air Force Chief Software Office Prepares ‘Big Questions’ for Next CSO

A bit has unfolded since the branch's first chief software officer, Nic Chaillan, left the government earlier this year.

  • By Brandi Vincent

Dev[SecAudCom]Ops—Not Really, But Don’t Overlook Audit and Compliance as Part of Security

The acronym for integrating security and agile development cycles may have gotten out of hand, officials say, but the core values are key to producing good software.

  • By Patience Wait

What Agencies Need to Do to Combat Shadow IT Driven by Cloud Sprawl  

Cloud sprawl happens when development teams spin up new cloud resources, forget about them, then move on to the next urgent task.

  • By Aaron Kilinski

Don’t Blindly Trust Software Building Blocks, Report Says

Developers must use safer tools, a recent report concluded.

  • By Patience Wait