government open source software (GOSS)

NIST: Adopt a Secure Software Development Framework (SSDF) to Mitigate Risk of Software Vulnerabilities

Posted on June 11, 2020 by Jason Green

This Spring, the National Institute of Standards and Technology (NIST), released updated recommendations (.pdf) to improve software resilience against vulnerabilities. This builds on an earlier, four-part framework released last year.
As the depar… Continue reading NIST: Adopt a Secure Software Development Framework (SSDF) to Mitigate Risk of Software Vulnerabilities→

Federal DevSecOps Leaders: It’s Time to Join The Conversation

Posted on April 10, 2020 by April Downey

Over the past three years, we’ve held the Federal DevSecOps Leadership Forum in Washington, D.C., where government decision-makers come together and share their DevSecOps journeys on stage with government leaders across the community.
… Continue reading Federal DevSecOps Leaders: It’s Time to Join The Conversation→

NIST Proposes Standards to Secure Government SDLC

Posted on July 31, 2019 by Katie McCaskey

Earlier this Summer, the National Institute of Standards and Technology (NIST), a part of the U.S. Chamber of Commerce, proposed a set of standards to address software supply chain attacks – and the growing need for better software security.
The p… Continue reading NIST Proposes Standards to Secure Government SDLC→