SBOM

Foundation for origin data through software attestations set

Jason Weiss, the chief operating officer of TestifySec, explains why CISA’s repository of software data must be more than ‘compliance theater.’

Commentary

Agencies still seek software bills of material, not bills of goods

Technology

Best practices for tackling software security compliance complexity

Commentary

Sign outside of Pacific Northwest National Laboratory

For the Pacific Northwest National Laboratory cybersecurity starts with research and zero trust

Federal Insights

How to get to the bottom of the hype about software bills of materials

Cybersecurity

Amelia Brust/Federal News Network

NSA, CISA call on software developers, suppliers to improve open source software management practices

Cybersecurity

NIST researchers take on software supply chain questions

Cybersecurity

Seeking government contracts? Get your cyber act together

Commentary

Federal CISO looks ahead to conversation around new contractor cyber rules

Acquisition Policy

NSA backs SBOM requirements in latest secure software advisory

Cybersecurity

Army diving ‘headfirst’ into SBOMs to secure software supply chain

Army

Industry can live with the latest orders on secure software development

Industry groups seem to support the Biden administration Sept. 14 memo on secure software development and acquisition

Cybersecurity

Head shots of Clayton, Alvarez and Smith

Procurement & compliance trends in the federal marketplace

Baker Tilly’s Jeff Clayton, Leo Alvarez, and Julia Smith host Roger Waldron on this week’s Off the Shelf, for a wide-ranging discussion of compliance,…

Off the Shelf

Industry associations raise alarm bells over legislating software security

Cybersecurity

Section 6722 of the 2023 NDAA would require DHS to mandate a bill of materials for technology from current and future contractors and some in industry are calling the provision problematic.