Software Development
Nearly 200 firms have signed pledge to build more secure software, top cyber official says
The initial tally began at around 70 companies when CISA first headlined the initiative at RSA Conference in San Francisco.
How the CrowdStrike outage carved out new opportunities for hackers
Former U.S. officials and security practitioners are wondering how a defective CrowdStrike patch for Windows systems fell through the cracks and created more cascading security risks.
White House in talks with industry to build legal framework for software liability
As part of a broad cybersecurity strategy, the U.S. wants to create incentives for the tech industry to manufacture products and software that don’t contain major security flaws.
Linux backdoor was a long con, possibly with nation-state support, experts say
If the XZ Utils vulnerability hadn’t been caught in time, hackers would have had a “skeleton key to the world,” one analyst told Nextgov/FCW.
How to fix the military’s software SNAFU
COMMENTARY | Too many of its apps are built on code riddled with vulnerabilities—and distributed by the Pentagon itself.
CISA rolls out secure software attestation form
A repository for software attestation submissions will be available later in March.
White House urges software developers to use memory-safe programming languages
A number of headline-making cyberattacks started with memory safety flaws, a White House cyber official said.
White House to release memory-safe code guidance in coming weeks
The U.S. and other intelligence partners have previously advised developers to adopt memory-safe programming languages.
Cruz, Peters introduce bill prodding agencies to share custom code
The lawmakers say that existing policies on sharing such code aren’t being implemented by agencies.
Congress takes up software supply chain security
The FITARA scorecard could become a vehicle for measuring agency progress against the administration's software security goals.
Job 1 for makers of anti-drone defenses: write good software
Pentagon buyers are looking for control systems that are reliable, easy to use, and simple to update.
Army hopes big-data techniques can help secure its clouds
“Multifactor authentication will not be enough,” said the Army’s senior cyber leader.
Featured eBooks
White House looks to shore up open source software security
The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon."
CISA unveils plan to measure cybersecurity success
The Cybersecurity and Infrastructure Security Agency's 2024-2026 cybersecurity roadmap focuses on public-private partnerships and using metrics to gauge the effectiveness of cybersecurity measures.
How to think like a software factory
The Department of Defense needs to look to its own innovation hubs for lessons on how to keep up with the pace of technological change and emerging threats.
Public sector apps face widespread security challenges, report reveals
A new study found alarming security vulnerabilities across the vast majority of public applications over the last year.
How Tax Credits Could Present Near-Term Motivation for More Secure Devices
As federal officials call for tech firms to take more responsibility for the security of their products, some members of Congress and industry voices have highlighted the potential of cyber investment tax credits as an incentive.
Security a Top Priority in the Software Development Process, Report Finds
However, the government is lagging behind the private sector in using some of these tools.
Cyber Strategy Aims to Ensure Secure US Tech Design, Set International Example
Federal cybersecurity experts cited the importance of international and domestic partnerships in implementing cybersecurity standards and protocols.
Senators Try Again to Advance Software License Bill
Sens. Gary Peters (D-Mich.) and Bill Cassidy (R-La.) have brought back the Strengthening Agency Management and Oversight of Software Assets Act with a few new changes after the proposal came up short last fall.
