Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awareness

Ep. 10 Supply Chain and the Federal Government



Today we sit down with John Cofrancesco from Fortress Information Security to get insights on the issues with the supply chain and the federal government. When it comes to federal technology, it is well known that bringing in chunks of software can introduce vulnerabilities. The real issue is not recognizing the code flaws; it is finding time in a hectic schedule to remediate these problems.

For example, CISA has something called the Vulnerability Exploitability Exchange that lists known software vulnerabilities. Companies like Sonatype offer surveys where they identify thousands of lines of code with structural flaws.

One of these vulnerabilities, Log4j, is well known. Rezilion announced it had scanned 90,000 servers that still had this problem.

So, having a list of vulnerabilities is not the issue. The concern is cleaning up the federal code in an effective manner.


By John Gilroy
