Open-source software security firm Chainguard announced Wednesday that it is now building FIPS-validated images for Apache Cassandra, achieving what it describes as a first-of-its-kind accomplishment in the open-source community. The project enables organizations in regulated industries — including government, health care, and finance — to deploy Cassandra with cryptographic libraries compliant with the National Institute…
Category: secure by design
Chainguard, Emerging Tech, Global Security News, open source, secure by design, software security, Uncategorized
Projecting the next decade of software supply chain security
With the rapid pace of innovation accelerating under a new administration, discussions over whether software security will be sidelined in favor of speed are heating up. However, security leaders have long been saying that security protocols shouldn’t slow down development plans — and they don’t when done correctly. This perception must be adopted more widely…
Amazon Web Services (AWS), Asia Pacific, china, CISA, Congress, critical infrastructure, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Foundation for Defense of Democracies, Global Security News, Google, Government, Jack Cable, Microsoft, Policy, regulation, Salt Typhoon, secure by design, telecommunications, Treasury Department, Volt Typhoon
A CISA secure-by-design guru makes the case for the future of the initiative
One of the chief architects of the Cybersecurity and Infrastructure Security Agency campaign to get software developers to design their products with security in mind said he believes it could be one of the best tools the Trump administration has to counter China. Jack Cable, who is departing his role as senior technical adviser Thursday,…
CISA, critical infrastructure, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Global Security News, Government, grants, Harry Coker, Jen Easterly, National Cyber Director, National Cybersecurity Strategy, North America, NSM-22, Office of the National Cyber Director, Policy, secure by design, semiconductors
Playbook advises federal grant managers how to build cybersecurity into their programs
Two U.S. cyber agencies released guidance Tuesday on how federal grant managers should incorporate cybersecurity in their programs for critical infrastructure projects, as well as how potential recipients can take it into account. The Office of the National Cyber Director and the Cybersecurity and Infrastructure Security Agency publication — the “Playbook for Strengthening Cybersecurity in…