Rancher Government Solutions | March 02, 2023
On March 01, 2023, Rancher Government Solutions, one of the leading security Kubernetes and cloud-native containerized applications for the U.S. government, launched Rancher Government Carbide. The new solution is an advanced security solution for protecting the nation's software supply chain against increasing threats. In addition, Carbide makes it easier to manage Kubernetes security by giving users a better, more standard way to check and confirm that their software is safe and secure.
Rancher Government Carbide protects the software supply chain by using a centralized, secure container registry for end users and a secure signing key to prove that the software came from a trusted source. Carbide's pipeline also uses tools for scanning for weaknesses and making software bills of materials (SBOMs). Additionally, the solution supports the DISA-validated and Kubernetes' published management platform and distribution with Security Technical Implementation Guides (STIGs) (Rancher MCM 2.6 & RKE2).
A tool within Carbide, STIGATRON, is built to authorize to make sure downstream clusters are secure. The tool eliminates system administrators' obstacles during the validation process by scanning downstream clusters automatically from the centralized Rancher Manager and resembling them to the STIG cluster, thereby enabling automated compliance with federal government security standards. In addition, the Carbide solution also includes airgap documentation and edge capabilities. It is additional support to the existing product suite of the company, designed to help customers overcome the security challenges associated with application modernization, containers, and Kubernetes.
About Rancher Government Solutions
Based in Reston (Virginia), Rancher Government Solutions is primarily developed to meet the needs of the U.S. Government and Military in relation to application modernization, containers, and Kubernetes. It provides support for open-source software stacks for container-adopting teams. It addresses the operational and security challenges associated with managing multiple Kubernetes clusters at scale and equips DevOps teams with the tools required to run containerized workloads. In addition, it offers support to all Rancher products, with U.S.-based American citizens currently supporting programs across the Department of Intelligence Community, Defense, and civilian agencies.
EMERGING TECHNOLOGY, CYBERSECURITY
Businesswire | May 02, 2023
Veracode, a leading provider of intelligent software security solutions, today announced its attainment of State Risk and Authorization Management Program (StateRAMP).
StateRAMP offers state and local government agencies a standardized approach toward compliance to help them improve their overall security posture. Veracode obtained FedRAMP authorization in July 2022, and this week’s authorization by StateRAMP reaffirms the company’s commitment to deliver cloud-based application security software to agencies at all levels of government—federal, state, and local.
“High-profile attacks and vulnerabilities are significantly impacting the software supply chain across industries, and state and local government is no different,” said Claire Bailey, Regional Vice President of Governmental Affairs at Veracode. “Agencies need capabilities that allow them to protect the application layer. This authorization enables Veracode to support evolving state and local government security requirements. We look forward to assisting the StateRAMP mission of improving the cyber posture of public institutions and the citizens they serve.”
Veracode’s intelligent software security platform provides comprehensive application-layer protection to reduce risk in today’s dynamic threat environment. The platform supports a range of current and emerging cybersecurity requirements and best practices, including:
Securing the software supply chain through capabilities such as the generation of a Software Bills of Materials (SBOM), which provides visibility into the open-source code components that are contained in a software product Integrating security into software development from the beginning of the process (‘shifting left’) Providing a developer-friendly user experience to integrate security into the software development life cycle Supporting cloud-native development and managing risk across the application portfolio Uniting security and development teams to address cybersecurity challenges
The StateRAMP authorization enables Veracode to support state and local agencies’ cybersecurity initiatives at a time of increased risk. A shortage of skilled IT security professionals has depleted the security teams of many state agencies, and Chief Information Security Officers report risks arising from persistent malware, ransomware, and phishing attempts, according to a recent National Association of State Chief Information Officers (NASCIO) survey.
Veracode’s recent State of Software Security 2023 report revealed that, over the last 12 months, more than 74 percent of applications contained at least one security flaw. Due to variation in the types of flaws that compromise application security, security teams should use a variety of scan types to discover elusive flaws.
Bailey added, “Security teams should have confidence in the options available to secure their cyber infrastructure and make their digital landscape a safer place overall. StateRAMP makes this goal much more attainable for state and local agencies. Veracode’s platform provides a single view of an organization’s security posture and compliance via powerful reporting and analytics, restoring confidence in the digital infrastructure of agencies.”
State and local agencies can access Veracode’s comprehensive software security platform—including static analysis, software composition analysis (SCA), dynamic analysis, pipeline scanning, eLearning, container scanning, API scanning, and infrastructure as code (IaC) scanning—on the StateRAMP Marketplace.
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means.
EMERGING TECHNOLOGY, INFRASTRUCTURE
Businesswire | May 11, 2023
Governments and businesses worldwide are increasingly prioritizing equity through their policies and practices. To implement these policies, organizations must understand that equity challenges are fundamentally a geographic issue. To support these efforts, Esri, the world leader in location intelligence, has joined a partnership to create the Chief Equity Officer Network.
Along with the Harvard School of Public Policy, the National League of Cities, the National Association of Counties (NACo), and Bloomberg Philanthropies, the network's mission is to find solutions that make equity strategic and actionable by using geographic information system (GIS) technology as a foundation.
"Equity is about creating thriving communities for all residents," said Sophia Garcia, Esri equity and civic nonprofit organizations industry specialist. "To do so, organizations need to implement solutions that meet the needs of the underserved and unserved, whether those conditions stem from racism, variations in physical or mental health, lack of access to services, the effects of climate change, or other circumstances. GIS provides the unique ability to map these complex problems, understand the data, and take more effective action to solve them. We are proud to be able to contribute to this partnership."
A key partner in creating the network, NACo is an organization that unites county officials to advocate for county government priorities in federal policy making. NACo also promotes exemplary county policies and practices, including those around equity.
"We are thrilled to collaborate with Esri and are thankful for them bringing their expertise on how GIS is applied to equity across our nation's communities," said Teryn Zmuda, NACo chief research officer and chief economist. "GIS provides the geographic lens for local leaders to translate data, which can be used to approach, discuss, and address equity issues within and across jurisdictions."
The Chief Equity Officer Network will bring together equity officers and leaders from across the states to cultivate and nurture ideas to address equity and how it applies to their community's needs.
Esri, the global market leader in geographic information system (GIS) software, location intelligence, and mapping, helps customers unlock the full potential of data to improve operational and business results. Founded in 1969 in Redlands, California, USA, Esri software is deployed in hundreds of thousands of organizations globally, including Fortune 500 companies, government agencies, nonprofit institutions, and universities. Esri has regional offices, international distributors, and partners providing local support in over 100 countries on six continents. With its pioneering commitment to geospatial technology and analytics, Esri engineers the most innovative solutions that leverage a geographic approach to solving some of the world's most complex problems by placing them in the crucial context of location. Visit us at esri.com.