How To Navigate The Federal Information Systems Vulnerability Patching Directive

The Biden Administration, through the Cybersecurity & Infrastructure Security Agency (CISA) has issued a directive which applies to all software and hardware found on federal information systems managed on agency premises or hosted by third parties on an agency’s behalf. These required actions apply to any federal information system, including an information system used or operated by another entity on behalf of an agency, that collects, processes, stores, transmits, disseminates, or otherwise maintains agency information.

Developer writing quality code on computer screen

While standard QA centers around how well a software application meets functional requirements, structural code quality focuses on non-functional items like how well the code that makes up a piece of software adheres to standards, best practices, security, efficiency, and maintainability. For example, are naming conventions used consistently, outdated libraries removed from use, SQL injection points secured, etc.?

Subscribe to RSS - best practices