Ideas

All software is guilty until proven innocent

COMMENTARY | Agencies must embrace "shifting left," an approach that keeps software security in mind from the beginning of the development lifecycle.

Digital Government

Data Gap Poses Risks for Launch Site of VA’s New Health Record

The commercial electronic health record system being introduced by the Department of Veterans Affairs is proving difficult and expensive to adapt to the agency’s data reporting requirements.

Cybersecurity

CISA Solicits Feedback on Finer Points of Coming Software Transparency Requirement

The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders.

Cybersecurity

Federal CISO: Recommendations In to Acquisition Council for Software Procurement

Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self-attestation versus third-party verification of vendor practices.

Podcasts

Critical Update: The Call for Greater Software Transparency is Louder than Ever

Agencies will soon be required to ask vendors for a software bill of materials—or SBOM—to help manage vulnerabilities like those found in the Log4J library, but much of its contents could still be open to negotiation.

Modernization

Air Force software factory looks to unleash 'chaos' on civilian IT shops

The Kessel Run group is currently developing a playbook that would make it easier for organizations across the federal government to adopt engineering and security best practices.

Digital Government

Microsoft to Offer Its Office 365 Platform for Classified Workloads

Microsoft’s popular software-as-a-service offering is undergoing government review to ensure it can host some kinds of classified data.

Modernization

Software Certification Could Get A Little Simpler Under Evolving DARPA Project

An effort worth millions, led by GE Research, could result in an automated assurance model.

Emerging Tech

The Next Big Quantum Leap May Require Better Software

The raw power of increasingly advanced quantum computers could necessitate advances in software to make sense of the noise.

Cybersecurity

NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order

The standards agency said an attestation from vendors themselves would be sufficient when screening for cybersecurity, unless an agency's risk calculus suggests otherwise.

Modernization

Air Force Chief Software Office Prepares ‘Big Questions’ for Next CSO

A bit has unfolded since the branch's first chief software officer, Nic Chaillan, left the government earlier this year.

Modernization

Dev[SecAudCom]Ops—Not Really, But Don’t Overlook Audit and Compliance as Part of Security

The acronym for integrating security and agile development cycles may have gotten out of hand, officials say, but the core values are key to producing good software.

Ideas

What Agencies Need to Do to Combat Shadow IT Driven by Cloud Sprawl

Cloud sprawl happens when development teams spin up new cloud resources, forget about them, then move on to the next urgent task.

Modernization

Accounting for software in weapons systems

The Defense Department is still trying to figure out the best way to buy software and track that spending. But could the answer be in separating out those costs from the hardware required in major acquisitions?

Cybersecurity

NIST Seeks Feedback on Cybersecurity Labels for Software

The effort aims to create a user-friendly label to educate consumers about their purchases.

Ideas

Follow These 3 Ts for Faster, More Effective Application Development

Government agencies must optimize application development to realize digital transformation goals. Facilitating collaboration and aligning DevOps, IT, security and mission owners is crucial to this mission.

Acquisition

DIU director: Look beyond reform to keep the technological edge

Mike Brown, the director of the Defense Innovation Unit, said acquisition reform is needed for the requirements and budgeting processes.

Modernization

Building a Cloud-Savvy Workforce May Mean Rethinking Degree Requirements

Government and industry officials question how they can keep cloud positions filled when they require various degrees and certifications.