Author: Jane Edwards|| Date Published: July 26, 2022
Prakash Sethuraman, chief information security officer at CloudBees, said federal agencies looking to address the complexity of software security and compliance should advance the adoption of automation and continuous authorizations to operate.
“In the world of microservices, public cloud-native applications and high-frequency releases, ATOs that periodically assess the suitability of a process are no longer valid,” Sethuraman wrote.
He noted that agencies seeking to deliver continuous ATOs should pursue compliance in real time for software supply chains.
“Deployments of software to production should be automatically prevented if the required criteria are not met,” Sethuraman said.
“When security and compliance are transparent and continuous, the DevSecOps ecosystem creates a safety net that operates in real time to prevent security missteps and ultimately helps boost the productivity and creativity of development teams,” he added.
Sethuraman cited the three questions ATO users should answer to address cybersecurity challenges facing software developers and discussed the need for agencies to ensure security as they go for speed when it comes to app development.
CACI International has secured a potential five-year, $416 million SeaPort-Next Generation task order to sustain and modernize information technology systems…
Cherry Bekaert has acquired accounting and advisory firm Tarsus to expand outsourced accounting, real-time financial reporting and strategic chief financial…
General Dynamics Information Technology has received a U.S. Navy contract worth $988 million to modernize and integrate command, control, communications,…
Dave Wajsgras, an eight-time Wash100 Award winner, has been named chairman and CEO of Everfox. The cybersecurity company said Monday that Wajsgras will…
The Transportation Security Administration has announced a contract opportunity with an estimated value exceeding $100 million for enterprise-wide IT support…
