Cybersecurity

Linux backdoor was a long con, possibly with nation-state support, experts say

If the XZ Utils vulnerability hadn’t been caught in time, hackers would have had a “skeleton key to the world,” one analyst told Nextgov/FCW.

  • By David DiMolfetta
Ideas

How to fix the military’s software SNAFU

COMMENTARY | Too many of its apps are built on code riddled with vulnerabilities—and distributed by the Pentagon itself.

  • By John Speed Meyers
Cybersecurity

CISA rolls out secure software attestation form

A repository for software attestation submissions will be available later in March.

  • By David DiMolfetta
Cybersecurity

White House urges software developers to use memory-safe programming languages

A number of headline-making cyberattacks started with memory safety flaws, a White House cyber official said.

  • By David DiMolfetta
Cybersecurity

White House to release memory-safe code guidance in coming weeks

The U.S. and other intelligence partners have previously advised developers to adopt memory-safe programming languages.

  • By David DiMolfetta
Modernization

Cruz, Peters introduce bill prodding agencies to share custom code

The lawmakers say that existing policies on sharing such code aren’t being implemented by agencies.

  • By Natalie Alms
Cybersecurity

Congress takes up software supply chain security

The FITARA scorecard could become a vehicle for measuring agency progress against the administration's software security goals.

  • By Adam Mazmanian
Defense

Job 1 for makers of anti-drone defenses: write good software

Pentagon buyers are looking for control systems that are reliable, easy to use, and simple to update.

  • By Lauren C. Williams
Defense

Army hopes big-data techniques can help secure its clouds

“Multifactor authentication will not be enough,” said the Army’s senior cyber leader.

  • By Patrick Tucker
Cybersecurity

White House looks to shore up open source software security

The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon."

  • By Chris Riotta
Cybersecurity

CISA unveils plan to measure cybersecurity success

The Cybersecurity and Infrastructure Security Agency's 2024-2026 cybersecurity roadmap  focuses on public-private partnerships and using metrics to gauge the effectiveness of cybersecurity measures.

  • By Alexandra Kelley
Ideas

How to think like a software factory

The Department of Defense needs to look to its own innovation hubs for lessons on how to keep up with the pace of technological change and emerging threats.

  • By Bryon Kroger
Cybersecurity

Public sector apps face widespread security challenges, report reveals

A new study found alarming security vulnerabilities across the vast majority of public applications over the last year.

  • By Chris Riotta
Cybersecurity

How Tax Credits Could Present Near-Term Motivation for More Secure Devices

As federal officials call for tech firms to take more responsibility for the security of their products, some members of Congress and industry voices have highlighted the potential of cyber investment tax credits as an incentive.

  • By Edward Graham
Policy

Security a Top Priority in the Software Development Process, Report Finds

However, the government is lagging behind the private sector in using some of these tools.

  • By Kirsten Errick
Cybersecurity

Cyber Strategy Aims to Ensure Secure US Tech Design, Set International Example

Federal cybersecurity experts cited the importance of international and domestic partnerships in implementing cybersecurity standards and protocols.

  • By Alexandra Kelley
Digital Government

Senators Try Again to Advance Software License Bill

Sens. Gary Peters (D-Mich.) and Bill Cassidy (R-La.) have brought back the Strengthening Agency Management and Oversight of Software Assets Act with a few new changes after the proposal came up short last fall.

  • By Carten Cordell
Cybersecurity

National Cyber Strategy Seeks to Shift Burden from Consumers to Tech Firms

The strategy calls for Congress to pass legislation that would “shift liability onto those entities that fail to take reasonable precautions to secure their software.”

  • By Edward Graham
Cybersecurity

CISA Director Calls Out Industry Using Consumers as Cyber 'Crash Test Dummies'

The head of the Cybersecurity and Infrastructure Security Agency said technology companies need to be more proactive when it comes to promoting safety and security.

  • By Edward Graham
Ideas

Won’t Get Fooled Again?

COMMENTARY | In the world of cybersecurity, the more things change the more they stay the same. 

  • By Chris Wysopal
Next