DHS Supporting Critical Infrastructure Through Open-Source Software Prevalence Effort

Explore a groundbreaking research initiative by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) aimed at enhancing critical infrastructure protection through open-source software (OSS) prevalence efforts. Delve into the development of an end-to-end methodology designed to identify, analyze, and risk-assess IT and OT devices on networks. Learn how this ambitious project aims to parse individual software and firmware components, identify OSS within each layer, and generate cyber vulnerability scores. Discover the potential for creating and managing Software and Firmware Bills of Materials (SBOMs and FBOMs) to track and update devices based on vulnerability disclosures from CISA and other authoritative sources. Gain insights into this crucial capability that promises to revolutionize OSS management and bolster cybersecurity across critical infrastructure sectors.

DHS Supporting Critical Infrastructure Through Op... - Scott Andersen & Juan Lopez & Olga Livingston