Communications of the ACM

Home/News/Nsa: Our Development Methods Are in the Open Now/Full Text

ACM News

Nsa: Our Development Methods Are in the Open Now

By Threatpost
November 12, 2010
Comments

View as: Print Mobile App Share:

Despite its reputation for secrecy and technical expertise, the U.S. National Security Agency doesn't have a set of secret coding practices or testing methods that magically make its applications and systems bulletproof. In fact, "most of what we do in terms of app development and assurance is in the open literature now. Those things are known publicly now," says Neil Ziring, technical director of the NSA's Information Assurance Directorate.

Even within the NSA, the problems of application security remain maddeningly difficult to solve, Ziring says. The agency faces many of the same challenges that private enterprises and other organizations do when it comes to writing secure applications and defending deployed apps.

"Assurance is very hard to do for apps, especially lightweight, distributed apps. They don't have a clean, waterfall lifecycle," Ziring says. "Apps have become the primary targets of attackers."

From Threatpost
View Full Article

No entries found

Nsa: Our Development Methods Are in the Open Now

VW Vehicles to Converse with Drivers via ChatGPT by Mid-Year

Disinformation 2.0 in the Age of AI: A Cybersecurity Perspective

Interview Answers That are Not Going to Help You