News and notes from around the federal IT community.
DARPA funds software rating system
Peiter Zatko, perhaps better known by his hacking handle Mudge, is working on a Pentagon-funded project to create a public tool that rates the cybersecurity of commercial software and systems, Zatko told Inside Cybersecurity.
His Cyber Independent Testing Laboratory won a contract last month worth $500,000 from the Defense Advanced Research Projects Agency, the report states. Firmware is among the products his company will rate, and hardware will "come into play in certain situations," Zatko told the publication.
The goal is to come up with a cyber equivalent of Underwriters Laboratories' testing regime that vets electronic devices for safety.
Christopher Soghoian, principal technologist and a senior policy analyst for the ACLU's Speech, Privacy and Technology Project, questioned the award on the grounds that Zatko once worked for DARPA.
"I love the idea of a cyber Underwriters Labs, but DARPA giving half a mil to an ex-DARPA manager looks a bit iffy," Soghoian tweeted.
GSA adds IT resources to Acquisition Gateway
The General Services Administration has added three categories to its IT Hardware and IT Software hallways in its Acquisition Gateway, bringing the total to 17.
In an Oct. 7 blog post, Mary Davie, assistant commissioner of the agency's Office of Integrated Technology Services, said the new categories cover telecommunications, IT services and IT security.
GSA is developing the gateway to provide a one-stop resource for federal buyers looking for IT goods and services. Gateway managers gather a wide range of resources, including pricing tools and information, guides, best practices, and expert articles.
Currently, only federal users have access to the Acquisition Gateway, but Davie said her agency will give industry stakeholders, state and local government procurement officials, and the general public a view into the service by early fiscal 2016.
Former top cyber official lands at D.C. law firm
Ari Schwartz, who recently left his job as senior director for cybersecurity at the National Security Council, is joining Washington, D.C., law firm Venable as managing director of cybersecurity services.
In his work at the White House, Schwartz was responsible for coordinating network defense cybersecurity policy, including critical infrastructure protection, federal network protection, supply-chain efforts, cybersecurity standards promotion and information sharing.
In his new position, Schwartz will help clients and the firm's attorneys understand risk management strategies and cybersecurity policy, including implementation of the White House's Cybersecurity Framework and other tools.
NASA gives startups a hand with tech
NASA is offering more than 1,200 of its patented technologies to startups for free (at first), the agency announced Oct. 7.
Startup NASA, part of NASA's Technology Transfer Program, will enable young companies to pay nothing upfront to license patented NASA tech ranging from materials to advanced sensors.
"The Startup NASA initiative leverages the results of our cutting-edge research and development so entrepreneurs can take that research -- and some risks -- to create new products and new services," said David Miller, NASA's chief technologist.