As follow-on guidance to Office of Management and Budget’s (OMB) September 14, 2022 memo and the associated Executive Order on Improving the Nation’s Cybersecurity from May 2021, the Cybersecurity and ...

From continuous diagnostics and mitigation to Zero Trust to Secure by Design, the federal government’s approach to cybersecurity is constantly evolving as we learn more about the threats.

Professional and state-sponsored hacking groups are dedicating more time, money, and effort to cybercrime every year. Threat actors use novel techniques in new types of attacks that some of the ...

Starting this week, the General Services Administration is collecting common forms for new software contracts from providers and contractors in accordance with a 2022 Office of Management and Budget ...

For all the scary talk about cyberattacks from vendors and industry experts, relatively few attacks are actually devastating. But the Jaguar Land Rover (JLR) attack was. The JLR breach wasn’t some ...

This whitepaper covers how to expedite authority to operate and secure development at scale in the U.S. Government by connecting secure software development and ATO. U.S. government agencies are ...

A reflection of the Department of Homeland Security logo in the eyeglasses of a cybersecurity analyst (Mark J. Terrill/AP/File) There’s no question that open-source software is central to the ...

SUNNYVALE, Ca.--(BUSINESS WIRE)--In response to rising software supply chain attacks, BlueFlag Security is delivering enhanced capabilities within its platform for software development life cycle ...

Customer satisfaction is key to product success. That’s why development teams are often tempted to prioritize application performance and functionality, hoping to introduce necessary cybersecurity ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...

Software security may finally be getting the attention it deserves as more countries institute necessary guidelines. But with threats increasing against the software supply chains, it is too soon to ...

Validating the integrity of IT products’ supply chain has been a critical part of cybersecurity for years. Historically, hardware bill of materials were scrutinized by federal agencies to ensure that ...