Facebook sued in U.S. federal court for alleged anticompetitive conduct

Facebook | January 17, 2020

Four companies sued Facebook Inc (FB.O) in U.S. federal court on Thursday for alleged anticompetitive conduct, saying the social network inappropriately revoked developer access to its platform in order to harm prospective competitors. The plaintiffs sought class-action status and unspecified damages, according to a filing at the U.S. District Court for the Northern District of California.

Spotlight

Spotlight

Related News

CYBERSECURITY

Tidelift Public Sector Momentum Increases as Cybersecurity Supply Chain Risk Management Becomes Top Government Priority

Businesswire | May 30, 2023

Tidelift, a provider of solutions for improving the security and resilience of the open source software powering modern applications, today announced that it has been awarded three U.S. government contracts worth over $3.5 million, and is expanding its public sector organization in response to increased demand for innovative solutions that help the U.S. government improve its cybersecurity supply chain risk management (C-SCRM) capabilities. High-profile software supply chain vulnerabilities including Log4Shell and SolarWinds have dramatically increased attention on the need for improved software security, both in the public sector and beyond. In the U.S., this effort began in May, 2021 with White House Executive Order 14028: Improving the Nation’s Cybersecurity, and since then a variety of policy and legislative initiatives around cybersecurity have gained traction. In September, 2022, the U.S. government’s Office of Management and Budget released memorandum M-22-18 on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices. M-22-18 formalizes the guidance provided in the NIST Secure Software Development Framework and NIST Software Supply Chain Security Guidance documents as the government requirements for developing secure software, and mandates federal government agencies comply with these guidelines. This memorandum sets aggressive deadlines for compliance with specific dates for both government agencies and organizations selling software to the government to comply with NIST guidelines. Among other stipulations, it requires that any organization selling software to the government must self-attest that their software is compliant with the NIST SSDF by June 2023 for critical software or by September 2023 for all other software. More recently, the National Cybersecurity Strategy sets a new precedent for software security liability, with the government intending to hold software producers liable for damages caused by preventable security vulnerabilities and offer liability protections to organizations that can show they follow secure software development practices. Tidelift awarded three U.S. government contracts worth over $3.5 million In addition to efforts like those mentioned above, the U.S. government is increasingly investing directly in improving open source software security. Tidelift was recently awarded three separate innovation research awards as part of the U.S. government SBIR program. The SBIR program is designed to help U.S.-based businesses invest in their technical potential, while stimulating technology innovation and meeting specific research and development needs. Through these SBIR Phase II awards, Tidelift is working with the Department of the Air Force and the Defense Advanced Research Projects Agency (DARPA) to help spur innovation in the systems and processes the U.S. government uses to improve open source software security and cybersecurity supply chain risk management. This investment will help Tidelift expand its industry-leading open source software management solution, including increasing its ability to partner with even more open source maintainers to validate their components meet important security, maintenance, and licensing standards required by government and industry users, and pay these maintainers for this critical work. It will also help the U.S. government better address the requirements and deadlines emerging from Executive Order 14028, memorandum M-22-18, and the NIST Secure Software Development Framework, especially when it comes to the open source components in use in government applications. Tidelift is also helping address new requirements around software bills of materials (SBOMs) that U.S. government agencies are beginning to understand, interpret, plan for, and deploy. Along with Tidelift producing an SBOM from every application build, the company is actively working upstream with open source maintainers to validate and improve security, maintenance, and licensing metadata for their projects and capture this data using the TACOS (Trusted Attestation and Compliance for Open Source) attestation framework. "The United States Air Force, and the Government as a whole, are among the largest consumers of open source software. With the increasing requirements around Software Supply Chain Risk Management (SCRM) and Software Bills of Materials (SBOM) initiatives, we are excited to partner with Tidelift to enhance cybersecurity resilience outcomes for open source software dependencies that support our most critical work," said Robert "Devo" DeVincent, Chief Software Officer, Air Force 309th Software Engineering Group. Tidelift expands public sector organization to meet growing demand Tidelift has named Matthew Arnow, a long-time veteran of Tidelift, to lead the newly expanded public sector team. Matthew heads up the team with extensive experience working with government and public sector clients. “Tidelift looks forward to working more closely with our government and public sector customers and prospects to improve the resilience of our mission-critical open source infrastructure,” said Matthew Arnow, head of public sector for Tidelift. “Our unique approach of working directly with the maintainers behind thousands of important open source projects will help public sector customers comply with U.S. government security directives and meet necessary government and industry standards.” Tidelift partners with Carahsoft to support public sector expansion Tidelift has also partnered with Carahsoft, the leading government reseller partner, to help more quickly and effectively address the number of large public sector opportunities. “Over the past year, we’ve seen increased demand from our customers for solutions that help improve open source software security and supply chain resilience,” said Natalie Gregory, vice president, Carahsoft. “We look forward to working with Tidelift and our reseller partners to deliver open source software supply chain risk management solutions to our government customers.” About Tidelift Tidelift, a 2022 Gartner Cool Vendor, helps organizations effectively manage the open source behind modern applications. Through the Tidelift Subscription, the company delivers the tools, data, and strategies powering an inclusive and organization-wide approach to improving the health and security of the open source software supply chain. Tidelift enables organizations to move fast and stay safe when building applications with open source, so they can create more incredible software, even faster. https://tidelift.com/

Read More

EMERGING TECHNOLOGY, CYBERSECURITY

Juvare Achieves Milestone FedRAMP High Authorization

Businesswire | May 19, 2023

Juvare®, the leader in situational awareness and critical incident preparedness and response technology, has been granted a Federal Risk and Authorization Management Program (FedRAMP®) authorization by the United States Government to operate at the High impact level for the Juvare Federal Cloud (JFC). Achieving FedRAMP High authorization is a recognition of the trusted and timely solutions Juvare provides for government, including JFC, which enables a compliant and secure environment for public sector organizations to deploy Juvare solutions, including WebEOC® and Juvare Exchange®. The FedRAMP High authorization builds upon Juvare’s aggressive security posture and follows Juvare’s ISO accreditations under the ISO 27001, ISO 27017, ISO 27018, and ISO 27701 programs, and its SSAE 18 SOC 2 Type 2 certification. “This is an enormous achievement that recognizes Juvare’s ability to provide modern and highly secure solutions the federal government is looking for,” said Robert Watson, Chief Executive Officer at Juvare. “With cyber security, emergency preparedness, health crises, and more dominating the federal priority list, this authorization gives government better access to the tools we provide to protect the communities they serve. It’s a recognition that’s been earned through our relentless commitment to data security and innovations that respond to real-world threats and risks.” FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Established by the Office of Management and Budget (OMB), the program provides a cost-effective, risk-based approach for adopting and using cloud services by federal departments and agencies. “Technology is a force multiplier for delivery of services to communities across the nation that our clients serve and protect,” says Bryan Kaplan, Chief Information and Technology Officer at Juvare. “This authorization demonstrates our commitment to the federal-civilian and military ecosystem and will enable faster processing of Authority to Operate (ATO) packages through reciprocity. It enables agencies to focus on protecting their communities and our nation, knowing that Juvare is managing security and availability.” Juvare partnered with A-LIGN and SMX to achieve FedRAMP accreditation. The Veterans Health Administration (VHA) served as Juvare’s sponsor through the authorization process. “FedRAMP authorization is a statement about an organization’s commitment to protecting federal data and metadata against one of the most rigorous standards for data security,” said Tony Bai, Government Practice Lead at A-LIGN. “As a trusted 3PAO firm, A-LIGN independently evaluates client data processes and procedures, governance on internal controls, and security posture. Juvare’s FedRAMP Authorization validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.” Juvare’s solutions including WebEOC, Crisis Track®, and EMResource® have been used to prepare for, respond to, and recover from major emergencies and adverse incidents since their inception. As public sector organizations modernize and demand persistent situational awareness, Juvare solutions have become embedded in daily workstreams by digitizing workflows, providing situational awareness, enabling multi-channel notifications, and connecting disparate data sources into a single pane of glass. ABOUT JUVARE Juvare is a worldwide leader in emergency preparedness and critical incident management and response technology connecting over 80% of state public health agencies, 3,500+ hospitals, 50+ federal agencies, and 500+ emergency management operations across the U.S., as well as a rapidly expanding international presence. Juvare solutions empower government agencies, corporations, healthcare facilities, academic institutions, and volunteer organizations to leverage real-time data to manage incidents faster and more efficiently, protecting people, property, and brands. ABOUT A-LIGN A-LIGN is the only end-to-end cybersecurity compliance solutions provider with readiness to report compliance automation software paired with professional audit services, trusted by more than 4,300 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider holistic approach for a variety of compliance security frameworks such as SOC, ISO, HITRUST, FedRAMP, CMMC, PCI DSS and more. Working with growing businesses to global enterprises, A-LIGN’s experts and its compliance automation platform, A-SCEND, are transforming the compliance experience. For more information, visit www.A-LIGN.com.

Read More

EMERGING TECHNOLOGY

Copado Achieves FedRAMPⓇ Authorization for Its DevOps Platform

PR Newswire | May 16, 2023

Copado, the leader in low-code DevOps, today announced it has achieved Federal Risk and Authorization Management Program (FedRAMPⓇ) authorization to operate (ATO) at the moderate impact level. Copado has a proven track record of working with customers in the public sector, such as the Center for Medicare & Medicaid Innovation (CMMI), the Federal Deposit Insurance Corporation (FDIC), and the U.S. Department of Veterans Affairs (VA), to improve the quality, speed and security of their software delivery and cloud transformations. "FedRAMP empowers agencies to use modern cloud technologies, with emphasis on security and protection of government information, and helps accelerate the adoption of secure, cloud solutions," said Kyle Tobener, Vice President of Security and IT for Copado. "Now that government agencies have entered the world of the cloud, they must have the agility and flexibility to respond to citizen needs. Copado enables government agencies to respond faster, achieve higher levels of software quality, deliver more digital services and scale to unprecedented demands." As one of the first federal agencies to work with Copado, the VA needed help organizing nearly a dozen teams with hundreds of developers who were all working on multiple concurrent Salesforce projects. With Copado, the VA was able to cut its deployment time in half and hasn't missed one deployment since implementation. The VA has fully authorized Copado for three years, which allows other federal agencies to expedite their own procurement decisions. Copado is the only DevOps platform for Salesforce to achieve FedRAMP, ISO 27001, SOC 2 Type 1, and GDPR compliance. As the only cloud-based DevOps solution that meets all of these rigorous standards, Copado is the most trusted low-code delivery platform in the world. "In light of President Biden's Executive Order on the nation's cybersecurity, the public sector is increasingly moving to secure cloud services," said Casey Coleman, Senior Vice President, Global Government Solutions for Salesforce. "Achieving FedRAMP authorization is a key competitive advantage in the marketplace and demonstrates a commitment to helping public sector agencies accelerate their digital transformation goals. Congratulations to Copado for achieving this important milestone." Copado's DevOps solutions are available through Carahsoft and its resellers on the following government contracts: SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NASPO ValuePoint Master Agreement #AR2472, NCPA Contract NCPA01-86, OMNIA Partners Contract #R191902, CA SLP: SLP-17-70-0139E, IN QPA: 0000000000000000000021430, OH MCSA: Ohio Master Cloud SA-0016 and TX DIR 4288: DIR-TSO-4288. "Copado's FedRAMP ATO designation exemplifies their unwavering commitment to providing secure, reliable and compliant solutions to the Federal Government," said Bethany Blackwell, Vice President of the Salesforce Business Unit at Carahsoft. "This milestone underscores Copado's dedication to helping Federal agencies streamline their DevOps processes, while adhering to the highest standards of security and compliance. We look forward to continuing to deliver innovative technology solutions to Federal agencies with Copado and our reseller partners." About Copado Copado is the leading DevOps and testing solution for low-code SaaS platforms that run the world's largest digital transformations. Backed by Insight Partners, Salesforce Ventures and SoftBank Vision Fund, Copado accelerates multi-cloud, enterprise deployments by automating the end-to-end software delivery process to maximize customers' return on their cloud investment. More than 1,200 companies rely on Copado to drive digital transformation with speed, quality and value including Boston Scientific, Coca-Cola, Fair Trade, Linde, MassMutual, Schneider Electric and Shell. Copado processes over 50 million DevOps transactions per month and is rated with a 100% score on the Salesforce AppExchange. More information can be found at: http://www.copado.com.

Read More