Sign up to save your podcasts
Or
Share FedRAMP, Software Supply Chain Guidance & API Security New Year Updates - Ep 51
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
FedRAMP, Software Supply Chain Guidance & API Security New Year Updates - Ep 51
“I think with any metric, the FedRAMP program has been viewed as...."
Listen to this edition of Reimagining Cyber EXTRA and find out what Rob and Stan think about FedRAMP.
Firstly, what is it?!
“[FedRAMP’s] whole purpose is to provide a standardized government-wide approach to security assessment, authorization, and continuing monitoring of cloud products and services used by the federal government agencies.”
Plus:
- FedRAMPs codification into law via the National Defense Authorization Act (NDAA)
- Action to making the process easier for vendors and agencies.
- Establishment of the Federal Secure Cloud Advisory Committee – what is it, what’s it for?
- Why does the NDAA not make vendors provide a SBOM? Will this change?
“The crystal ball is if you are a software supplier to the government, you have to be prepared in the future to be able to provide this kind of inventory of components that make up your software build. It's important to be able to react quickly to zero-days, to be able to understand what your software consists of to be able to mitigate open source security issues and risks”
- Microsoft share how they manage supply chain risks with the Secure Supply Chain Consumption Framework (S2C2F). What does the OpenSSF think of it?
“Everything that we're talking about in cyber always somehow turns itself back around to the software. The software supply chain is the common theme that we heard through last year. It's not going to slow down this year.”
- The rise of APIs (application programming interface) as an attack surface
It's 5 years since Reimagining Cyber began. Thanks to all of our loyal listeners!
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]
View all episodes
By Reimagining Cyber
5
1919 ratings
“I think with any metric, the FedRAMP program has been viewed as...."
Listen to this edition of Reimagining Cyber EXTRA and find out what Rob and Stan think about FedRAMP.
Firstly, what is it?!
“[FedRAMP’s] whole purpose is to provide a standardized government-wide approach to security assessment, authorization, and continuing monitoring of cloud products and services used by the federal government agencies.”
Plus:
- FedRAMPs codification into law via the National Defense Authorization Act (NDAA)
- Action to making the process easier for vendors and agencies.
- Establishment of the Federal Secure Cloud Advisory Committee – what is it, what’s it for?
- Why does the NDAA not make vendors provide a SBOM? Will this change?
“The crystal ball is if you are a software supplier to the government, you have to be prepared in the future to be able to provide this kind of inventory of components that make up your software build. It's important to be able to react quickly to zero-days, to be able to understand what your software consists of to be able to mitigate open source security issues and risks”
- Microsoft share how they manage supply chain risks with the Secure Supply Chain Consumption Framework (S2C2F). What does the OpenSSF think of it?
“Everything that we're talking about in cyber always somehow turns itself back around to the software. The software supply chain is the common theme that we heard through last year. It's not going to slow down this year.”
- The rise of APIs (application programming interface) as an attack surface
It's 5 years since Reimagining Cyber began. Thanks to all of our loyal listeners!
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]
More shows like Reimagining Cyber - real world perspectives on cybersecurity
View all
Hacked
187 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
653 Listeners
CyberWire Daily
1,024 Listeners
Smashing Security
319 Listeners
Click Here
418 Listeners
Darknet Diaries
8,046 Listeners
Cybersecurity Today
181 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
140 Listeners
CISO Tradecraft®
48 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
169 Listeners