DoD issues new marching orders on secure software and SBOMs
The Pentagon's Software Fast Track program steps up SCRM via procurement. Here's what you need to know.
Ericka Chickowski
Freelance writer. Ericka Chickowski's award-winning writing on business and technology have appeared in dozens of trade and consumer magazines, including Entrepreneur, Consumers Digest, Channel Insider, CIO Insight, Dark Reading, DevOps.com and InformationWeek. She's made it her specialty to explain in plain English how technology trends affect real people.
Posts from Ericka Chickowski
DoD issues new marching orders on secure software and SBOMs
Rise of the xBOM: The new go-to tool for software security
CycloneDX 1.6's ML-BOM, SaaSBOM, and CBOM are non-negotiable visibility requirements in the software supply chain security era.
The cybersecurity job market is complicated: 3 key insights
While the state of cybersecurity careers is confusing, key trends are driving companies to think big-picture — and outside of traditional roles.
How data science in cybersecurity can cut through the fog of war
Orchestrating the heavy lifting of data management and analytics is easier said than done. Here are four key pillars for improving security outcomes.
Agentic AI and development: How to get ahead of rising risk
Software teams will need to get on board with agentic AI. But AppSec teams need new visibility and controls for the SDLC.
CISA cybersecurity performance goals: 7 action items to boost your AppSec
The agency's new IT Sector-Specific Goals (SSGs) for application security aim to keep Secure by Design going strong. Here are the top action items.
AppSec & Supply Chain Security | January 28, 2025 AI is a double-edged sword: Why you need new controls to manage risk
AI can improve cybersecurity outcomes, but it also represents an entirely new threat. Upgrade your security strategy — and tooling — for the AI age.
Going beyond 'shift left': Why shared responsibility is key to risk management
AppSec experts and software risk managers say doing security checks earlier isn't enough. Here's why — and what else organizations should do.
AppSec vs. product security: Secure by Design demands a strategy shift
Here's why and how to push your application security further into ProdSec — and what that means to achieving the goals of CISA's Secure by Design.