Government Events and Resources

Executive Order 14028 is requiring vendors to now follow new procedures to ensure that the standards stay high. Some major updates are Hi-Fidelity Software Bill of Materials (SBOM), Vulnerability Disclosure Report (VDR), Signed Self-Attestation Letter of Conformance to EO 14028 per Section 4(e), Evi...

The University of South Florida (USF) enhanced its security operations by implementing Rapid7’s InsightVM to address fragmented vulnerability management across its extensive infrastructure. Learn how Rapid7’s solutions helped USF enhance their security and protect their community.

This guide explores four critical cyber force multipliers—predictive analytics, secure software development, SOAR, and AI-driven vulnerability detection—that help agencies enhance their cybersecurity posture amid growing threats and limited resources. It also highlights how public-sector...

Download this report to explore the latest trends and insights on email security. As email continues to be the top vulnerability for agencies facing cybersecurity breaches, Cofense conducts comprehensive research and analysis each year to help agencies proactively defend against these attacks.

This report from Synack shares key insights with federal counterparts on emerging threats and vulnerability trends uncovered through Synack's FedRAMP Moderate Authorized penetration testing environment. By highlighting which software flaws warrant the most urgent attention as they work through e...

Quokka is a mobile security company trusted by Fortune 500 companies and governments, including powering CISA's MAV shared services for mobile app vetting. Their solutions, Q-scout for device security and Q-mast for app development, offer behavior-driven threat detection and automated vulnerabil...

A resource outlining how software supply chain threats surge, traditional application security tools are insufficient, highlighting the need for advanced solutions that detect malware and tampering beyond conventional vulnerability assessments.

ActiveState has expanded its support for secure open source by introducing free and customizable, low-to-no vulnerability containers, aiming to be a one-stop solution for securing the software supply chain. This new offering addresses the limitations of current secure container solutions by bridging...

Managing medical devices has taken on a new level of complexity as they have been connected to networks. Equipment is becoming more sophisticated. Maintenance is becoming more specialized. Vulnerability tracking and remediation are more challenging. And requirements for compliance and safety are i...

Anaconda is crucial for securing open-source data science pipelines, especially for Python and R ecosystems, where traditional security tools often fall short. Their comprehensive CVE curation goes beyond public data, allowing organizations to proactively block vulnerable packages and save countless...