From continuous diagnostics and mitigation to Zero Trust to Secure by Design, the federal government’s approach to cybersecurity is constantly evolving as we learn more about the threats.

Get the latest federal technology news delivered to your inbox. Incorporating a Secure by Design framework is just the start to engineering a threat-resilient digital environment, per officials ...

Secure-by-design is no longer just a developer concern. Enterprise leaders must treat application security as a board-level ...

Secure software starts before coding begins. Threat modeling, safer defaults, dependency hygiene, and developer workflow ...

The Cybersecurity Infrastructure Security Agency is pledging to go "left-of-boom" and surveil artificial intelligence software development practices in a new alert series, which offers lessons to ...

Software that prioritizes security at its most foundational level means designing it with customer security as a key goal rather than a tacked-on feature. And that concept — secure by design — is ...

As I discussed in my previous article, CISA’s secure-by-design principles—which apply to software vendors supplying the U.S. government but should be considered by all software designers—call for ...

CISA’s high-profile proselytizing of its Secure by Design program will likely end, but some experts think the idea still has momentum in the private sector, while others have become disillusioned ...

Makers of software used by the federal government will now be required to affirm that their products are manufactured with secure development practices in mind, filling out a form released Monday by ...

In April, the Cybersecurity and Infrastructure Security Agency's Secure by Design initiative celebrated its first birthday. CISA marked the moment with a blog post outlining its achievements over the ...

Nearly 160 software companies have signed a voluntary pledge to make products more cyber secure as part of a federal push to see major players take more responsibility for protecting their customers.

A program manager for the Cybersecurity and Infrastructure Security Agency said ongoing threat vigilance is needed post-implementation of the agency’s Secure by Design framework. Incorporating a ...