No agency has yet to require them in any major way. We first heard about the term SBOM, or software bill of materials, back in May of...
The issue of how coding languages might support software developers’ management of memory has recently gotten attention from the National Security Council, the Cybersecurity and Infrastructure...
The national cyber director also indicated plans to rely on feedback from members of the software industry who are working on recommendations for “streamlining” sector-specific regulations....
The Information Technology Industry Council asked OMB to clarify a memorandum that was creating challenges for software producers. The Information Technology Industry Council, or ITI—a technology...
The guide provides recommendations throughout the product lifecycle, from procurement to deployment. Several agencies published the last part in a series about securing the software supply chain, this...
A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in their...
New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers. Software suppliers have...
NIST advisors debating the merits of OMB’s policy on software vendors’ “self-attestation” to secure development practices found common ground on a need for audits and testing....
The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source code. Leading cybersecurity...
The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source code. Leading cybersecurity...
Recent Comments