FedRAMP for the impatient.

FedRAMP Security Assessment

FedRAMP is how clouds will be authorized for use in the Federal government. With it, the government to authorize a cloud for use just once, instead of forcing each agency to authorize the same cloud over and over. The FedRAMP program office published a CONOPS document, which sketches out how everything will work. It’s tedious. […]

Continue reading →

The Open Source Shared First Opportunity: > $1.2 Billion

“A collaborative, analysis-based approach that leverages the implementation of robust enterprise governance, cross-enterprise portfolio governance, together with segment enterprise architecture, is imperative to ensuring IT efficiently and effectively supports the mission and business functions of a government agency,” DHS Chief Information Officer Richard Spires told a House committee on Friday morning (full transcript below). “A […]

Continue reading →

UK Gov’t: Open Source is the future.

Liam Maxwell, Cabinet Office director of ICT futures, said Tuesday in London that open source has grown up and it’s time to dispel lingering misconceptions about this technology and development process. Maxwell told the Intellect 2012 conference: “Opensource software is not three guys in a shed anymore. There are a lot of misconceptions about open […]

Continue reading →

DISA releases IAVA-to-CVE mapping

A diagram of the IAVM-to-CVE workflow.

The DOD keeps its own catalog of system vulnerabilities, the IAVM. You can think about this as the computer security alerting system for the DOD. If you get an IAVM, it will tell you what the vulnerability is, how critical it is, and if you need to patch it immediately. The rest of the world […]

Continue reading →

A Common Criteria Primer

This is an expanded version of a document that I wrote for Red Hat internally. I’m now sharing it with all of you because I find myself reciting this information at least once a week. I hope you enjoy it. Please keep in mind that I’m not a lawyer, DAA, or procurement officer. All the […]

Continue reading →