PENETRATION TESTING
WHY: Penetration Testing Essential for Success in Security Arms Race. Demand for security testing, which should be conducted from the onset rather than as an afterthought, is growing. Read more
[COMPUTERWEEKLY.COM]
DEVOPS: A DevOps Framework for Federal Customers. President Trump signed an executive order designed to strengthen the cybersecurity of federal networks including moving all federal IT systems to the cloud. The executive order also calls for effective risk management, which includes requiring planning so that maintenance, improvements and modernization occur in a coordinated way and with appropriate regularity. To address these challenges and help agencies hit the fast track, eGlobalTech, a provider of IT solutions and cybersecurity consulting services for the federal government, has announced that DevOps Factory is now officially available to all federal government agencies. Included in the government-wide launch of DevOps Factory is Espial. Also developed by eGlobalTech, Espial automates and integrates security penetration testing as part of the continuous integration and continuous delivery pipeline, enabling early detection and faster remediation of vulnerabilities while ensuring that only secure code is deployed. Read the rest
[APPDEVELOPERMAGAZINE.COM]
FEDERAL GOVERNMENT: CDM in the Trenches. The Continuous Diagnostics and Mitigation program – a $6 billion effort to better secure networks and systems across government — is a complicated beast. It covers some 169,000 tools and services, and it is managed by the Department of Homeland Security’s National Protection and Programs Directorate (NPPD) while the General Services Agency runs the acquisition contract. Find out more
[FCW.COM]
CYBERSECURITY: List of GSA’s Cyber SINs Continues to Grow. If you’re looking to buy cybersecurity services for your agency, just remember: cybersecurity is a SIN now. The General Services Administration’s Federal Acquisition Service just created the Highly Adaptive Cybersecurity Services Special Item Number (HACSSIN) to add more cyber services to GSA’s Schedule 70. Read more
[FEDERALNEWSRADIO.COM]
==========
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems April 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-april-2017-75757463.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
==========