The National Geospatial-Intelligence Agency has developed an app store that implements segmentation controls to provide Defense Department employees access to applications based on their security clearance levels, Wired reported Tuesday.
“We built the [GEOINT] App Store to be a completely unclassified environment that’s open to the public. … But it also has identity management that uses a federated approach to authentication,” said Ben Foster, a technical director at NGA and product manager for the app store.
Joedy Saffel, division chief and source director of NGA, said the agency has tapped Engility to analyze the source code of apps submitted by developers and screen those tools for potential vulnerabilities through the Innovative GEOINT Application Provider Program.
Under IGAPP, Engility comes up with an initial report on vulnerabilities and informs developers of their findings to help them modify their code.
“What we focused on early on was providing tools so developers can bring their app and do a lot of the pre-testing and development with Engility,” Saffel said.
“And then NGA has a governance board that meets every week, and the whole process has matured enough that by the time an app comes to NGA, we can review it and get that application into the app store and exposed within two weeks’ time,” he added.