Acquisition Oversight for Software Assurance
• Webcast
Publisher
Software Engineering Institute
Topic or Tag
Watch
Abstract
Software management is too frequently ignored or addressed piecemeal in systems. Cyber threat actors take advantage of gaps and errors in their attacks, which they can accomplish throughout the lifecycle. Exploiting these gaps and errors allows them to compromise processes, practices, and procedures that touch a system’s design, component development, and supply chain to bypass controls and leverage available vulnerabilities. Key software assurance activities must be embedded within the acquisition lifecycle to effectively combat these threat actors.
What Will Attendees Learn?
- How software assurance can be addressed with limited cost and schedule impact if it is effectively integrated into the acquisition lifecycle
- Which knowledge and resources are critical to software assurance and the risks that can be missed if they are underrepresented
- Key aspects of managing acquisition and development that are critical to software assurance and why they are important
About the Speaker
Dr. Carol Woody
Dr. Carol Woody has been a senior member of the technical staff since 2001. Currently she is the technical manager for the Cyber Security Engineering (CSE) team, whose research focuses on meeting the challenges of cyber security in acquisition, system and software engineering. CSE is building capabilities in defining, acquiring, …
Read more
Michael S. Bandor
Michael S. “Mike” Bandor is a senior software engineer in the Software Solutions Division (SSD) of the Software Engineering Institute (SEI) at Carnegie Mellon University. He is responsible for leading teams that enable the organizations within the Department of Defense and other customer organizations to enhance the predictable performance and …
Read more