Akamai | January 14, 2022
Akamai Technologies, Inc. , the world's most trusted solution to power and protect digital experiences, today participated in the White House Open Source Software Security Summit and released the following statement:
Akamai was pleased to participate in the White House Open Source Software Security Summit today, and appreciated the opportunity to share our perspective and recommendations on this important topic. Improving the security of open source software is vital, as it is critical to the internet ecosystem. However, the ability to quickly contain the impact of a vulnerability once it is discovered is equally significant. This meeting was particularly timely, given the recent Log4j vulnerability detection. We applaud the administration's proactive leadership to tackle this important issue, which, if left unchecked, can have far-reaching negative impacts for both the government and the private sector.
Akamai asserts that businesses must invest time and resources into open source software to ensure continued innovation and security. Akamai has a long history of working with the open source community and contributing to open standards. This includes work with the Internet Engineering Task Force (IETF), World Wide Web Consortium (W3C), Internet Security Research Group (ISRG), OpenSSL, and the Linux Kernel. We are evaluating how we can expand those commitments this year.
Akamai advocates for the following five pillars through continued partnership with our customers — many of which are leaders in their respective industries — and in collaboration with the White House, National Security Council, and broader technology community:
Increase visibility into reliance on open source technologies — many companies don't fully know the open source code that lives in their environments. Only by gaining visibility into the network and its code stack can we reliably address security flaws when they occur. Log4j was a black swan event, but serves as a potent reminder that the government and private sector need to prioritize investments into tools and technologies.
Identify key open source libraries and support strong ownership and vulnerability management — threat actors comb open source libraries to find vulnerabilities like Log4j. The technology community must provide support — via active participation in projects and financial investment — to the open source communities we depend on.
Build reliable containment plans for when exploits are identified — we are never going to eliminate vulnerabilities, so it's essential we have effective containment policies in place to help protect businesses and consumers. We can accomplish this via actionable reporting processes and supporting technology solutions.
Improve cross-government and industry information sharing when vulnerabilities are first identified — the more eyes that we can get on a problem, the quicker the problem can be fixed. By building an information-sharing community of trusted security providers, we can ensure that vulnerabilities are addressed and that patches reach wide distribution faster.
Expand government authorization of solutions to increase defenses — adversaries evolve quickly, and the government needs to be agile to ensure its defenses can protect important government systems and key infrastructure. In some instances, an emergency authorization of technology from trusted providers would enable fast implementation of solutions not yet FedRAMP certified to quickly enable protection against new threats.
Akamai powers and protects life online. The most innovative companies worldwide choose Akamai to secure and deliver their digital experiences — helping billions of people live, work, and play every day. With the world's largest and most trusted edge platform, Akamai keeps apps, code, and experiences closer to users — and threats farther away.
Stratasys | September 30, 2021
Stratasys Ltd., a leader in polymer 3D printing solutions, today announced that the company has introduced a new data security solution to enhance the cybersecurity of additive manufacturing as its role in government and defense applications grows larger and more mission-critical.
The new ProtectAM™ solution is the first in additive manufacturing to use Red Hat Enterprise Linux, the world’s leading enterprise Linux platform. This platform is preferred by the U.S. government to help deliver continuous information processing security in accordance with requirements contained in the applicable Security Technical Implementation Guide (STIG) issued by the Defense Information System Agency (DISA) of the U.S. Department of Defense.
The ProtectAM solution will initially be available for several industrial and large-format Stratasys FDM® 3D printers, which are frequently used by government customers to produce end-use parts and tools for applications such as aviation and ground maintenance applications. It is available for Fortus® 450mc™ printers effective Oct. 1 and is expected to be available for F900® 3D printers by the end of the year. Stratasys F370™ and F770™ 3D printers are expected to be added in Q1 2022, with printers that use other Stratasys technologies beyond FDM to follow. In the future, Stratasys expects to extend ProtectAM’s cybersecurity benefits to industry segments beyond government.
“The benefits of 3D printing are clear, including getting critical products wherever they are needed, with maximum speed and minimal cost, all while extending the lifespan of existing assets to save taxpayer dollars. Furthermore, the integrity of parts printed from digital files is absolutely essential, and we have established the ProtectAM solution to be a world-class security solution to continue the adoption of additive manufacturing by government agencies, and ultimately to commercial segments as well.”
Dick Anderson, Senior Vice President for Manufacturing at Stratasys
Stratasys developed its data information security solution to comply with the U.S. Defense Information Systems Agency’s Security Technical Implementation Guide for Red Hat Enterprise Linux. The STIG outlines several hundred security controls to protect against cybersecurity threats.
“Software security is a front-and-center challenge for nearly every government agency, and a need that Red Hat helps to address through our extensive work in certifying the world’s leading enterprise Linux platform to meet stringent public security requirements. Red Hat Enterprise Linux provides a platform that assists users in meeting the rigorous software security needs for sensitive computing without sacrificing flexibility, scalability or innovation. We’re pleased to be able to provide this as a foundation for Stratasys as they work to innovate industrial 3D printing and additive manufacturing in the public sector.”
David Egts, Chief Technologist, North America Public Sector, Red Hat
The release of Stratasys’ ProtectAM system opens Stratasys systems to new applications within the government that extend well beyond R&D settings. For example, adherence to STIG security controls enables the U.S. military to more readily deliver a geographically distributed enterprise network of 3D printers across and even beyond U.S. military bases. Furthermore, Stratasys’ technology is built on the FIPS and Common Criteria government-certified foundation of Red Hat Enterprise Linux, so mission-critical digital files can be sent wherever they are needed faster and parts can be quickly 3D printed locally.
Existing Stratasys printers are field upgradable with regular software security updates from Stratasys. More information about Stratasys in manufacturing is available online.
Stratasys is leading the global shift to additive manufacturing with innovative 3D printing solutions for industries such as aerospace, automotive, consumer products and healthcare. Through smart and connected 3D printers, polymer materials, a software ecosystem, and parts on demand, Stratasys solutions deliver competitive advantages at every stage in the product value chain. The world’s leading organizations turn to Stratasys to transform product design, bring agility to manufacturing and supply chains, and improve patient care.
BlackBerry | November 20, 2020
BlackBerry Limited today declared that its BlackBerry® Unified Endpoint Manager (UEM) programming has accomplished National Security Agency (NSA) Commercial Solutions for Classified Program (CSfC) endorsement.
The NSA ensures the United States' most basic data and frameworks against cyberattacks. The CSfC is a significant portion of the NSA's technique, guaranteeing that the U.S. government can use the business' generally secure and inventive network safety advancements to achieve their main goal targets.
"BlackBerry and the NSA share a common mission to help make the nation safer," said John Chen, Executive Chairman & CEO, BlackBerry. "We are honored to receive approval from the NSA for BlackBerry UEM to be used to protect classified information. This adds to the portfolio of U.S. government certifications BlackBerry has received for UEM, including NIAP, DoDIN APL and FedRAMP."
BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry's vision is clear - to secure a connected future you can trust.