Application Security Working Group White Paper: Embedding Security Controls in a DevOps Pipeline Organizations today need to identify and adopt different Software Development Lifecycle (SDLC) strategies to be more agile and efficient. DevOps as a strategy has enabled organizations to reduce the amount of time it takes to create software. As risks in the runtime…...

The protection of software requires a strong security posture in the Software Development Lifecycle (SDLC). Implementing standard security controls (SAST, SCA, DAST, etc.) is an instrumental step to produce secure software but is not enough. While these security controls are key security components, even with well-secured software, attackers can embed malicious code in software without…...

It can be daunting for a small or medium (SMB) to know the right questions to ask a potential managed services provider (MSP) as the business navigates its internal requirements and considers future Cybersecurity Maturity Model Certification.  To assist, the ND-ISAC Small and Medium Business Working Group created a guide to address the challenges presented…...

The National Defense Information Sharing & Analysis Center (ND-ISAC) is pleased to announce the release of a “C3PAO Shopping Guide for Small & Medium-Sized Businesses.”  The guide was created through a team effort among participants in ND-ISAC’s Small & Medium-Sized Business Working Group in consultation with other SMBs across the Defense Industrial Base (DIB), along…...

Empowering the DIB Sector: ND-ISAC's Cloud Security & Architecture and Microsoft Cloud Services Working Groups Publish Multi-Tenant and External Collaboration Challenges Whitepaper ND-ISAC has more than 25 technical Working Groups where member company subject matter experts collaborate on defending against cyber threats, and developing best practices and solutions to common challenges.  Among other areas, ND-ISAC Working…...