Author: Jane Edwards | Date Published: December 13, 2022
Joel Krooswyk, federal chief technology officer at GitLab (Nasdaq: GTLB), said “open source developers take pride in their code” and that their commitment to security is reflected in their collaborative efforts to quickly address vulnerabilities.
“Neither corporate nor individual contributors want their names on code that has vulnerabilities. Therefore, fixes and patches are developed and submitted quickly into repositories,” Krooswyk wrote.
He noted that 2023 will be the year for government agencies to comply with mandates from the National Institute of Standards and Technology, Office of Management and Budget and the Cybersecurity and Infrastructure Security Agency to ensure the security of the software supply chain.
“Agencies will be asked to institute security scanning and other testing, and they will be required to have software bills of materials and other attestation in place to verify that their vendors adhere to government mandates,” Krooswyk said.
He cited the need for agencies to adopt platforms and tools that could offer them comprehensive visibility into vulnerabilities in software or applications.
Krooswyk mentioned the role of visibility and traceability as a key principle of software development and noted that code quality testing, security scanning and fuzz testing are some of the activities that could help agencies ensure the security of their code.