Authority to Operate (ATO) is a process that certifies a system to operate for a certain period of time by evaluating the risk of the system's security controls. ATO is based on the National Institute of Standards and Technology’s Risk Management Framework (NIST 800-37). In this podcast, Shane Ficorilli and Hasan Yasar, both with the Carnegie Mellon University Software Engineering Institute, discuss continuous ATO, including challenges, the role of DevSecOps, and cultural issues that organizations must address.
The Future of Cyber: Security and Resilience
Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools
Women in Software and Cybersecurity: Dr. Carol Woody
Benchmarking Organizational Incident Management Practices
Machine Learning in Cybersecurity: 7 Questions for Decision Makers
Women in Software and Cybersecurity: Kristi Roth
Human Factors in Software Engineering
Women in Software and Cybersecurity: Anita Carleton
Improving the Common Vulnerability Scoring System
Why Software Architects Must Be Involved in the Earliest Systems Engineering Activities
Selecting Metrics for Software Assurance
AI in Humanitarian Assistance and Disaster Response
The AADL Error Library: 4 Families of Systems Errors
Women in Software and Cybersecurity: Suzanne Miller
Privacy in the Blockchain Era
Cyber Intelligence: Best Practices and Biggest Challenges
Assessing Cybersecurity Training
DevOps in Highly Regulated Environments
Women in Software and Cybersecurity: Dr. Ipek Ozkaya
The Role of the Software Factory in Acquisition and Sustainment
Create your
podcast in
minutes
It is Free