Red Hat’s David Egts: Agencies Should Screen Open Source Code for Cyber Risks

David Egts, chief technologist for Red Hat’s North American public sector, has said federal agencies should assess open source code for cyber vulnerabilities prior to adoption.

Egts wrote in a Nextgov piece published Monday that agencies should monitor the open-source libraries and repositories from which developers download code, and deploy a code analyzer to detect memory corruption, resource leaks and other issues that adversaries could leverage.

“Agencies can also participate in crowdsourced security initiatives designed to test the efficacy of their defenses and reinforce the notion that security must be taken seriously by everyone, including developers,” he noted.

He mentioned the Defense Department’s Hack the Pentagon and the Core Infrastructure Initiative Badge Program as examples of those initiatives.

Egts called on agencies not to circumvent “a rigorous procurement process that takes into account security hygiene and quality assurance” in order to protect their infrastructure from cyber threat actors.
