From continuous diagnostics and mitigation to Zero Trust to Secure by Design, the federal government’s approach to cybersecurity is constantly evolving as we learn more about the threats.

The analysis, conducted by Secure Code Warrior, is supported by former White House cybersecurity officials Kemba Walden and Chris Inglis. Under 4% of software developers across the globe are ...

Makers of software used by the federal government will now be required to affirm that their products are manufactured with secure development practices in mind, filling out a form released Monday by ...

Get the latest federal technology news delivered to your inbox. Incorporating a Secure by Design framework is just the start to engineering a threat-resilient digital environment, per officials ...

In the Global Cybersecurity Institute’s new research space, RIT experts are tackling some of the most pressing computing security problems of today. These researchers include Mehdi Mirakhorli, ...

Customer satisfaction is key to product success. That’s why development teams are often tempted to prioritize application performance and functionality, hoping to introduce necessary cybersecurity ...

Software security may finally be getting the attention it deserves as more countries institute necessary guidelines. But with threats increasing against the software supply chains, it is too soon to ...

The Center for Internet Security, Inc. (CIS®) and the Software Assurance Forum for Excellence in Code (SAFECode) have released a joint white paper, Secure by Design: A Guide to Assessing Software ...

What does it take to make secure software? The Open Source Security Foundation (OpenSSF) has a few ideas (10 of them, in fact). This week at the OpenSSF Day Japan event in Tokyo, the nonprofit group ...

Security leaders and software developers will benefit from deeper visibility into their organisations’ software development security posture as they work, bolstering moves towards the nirvana of ...

If one event demonstrated how vulnerable organisations and infrastructure around the world are to software vulnerabilities, it was Log4j. The critical zero-day vulnerability in the Java logging ...