Sen. Jeanne Shaheen (D-New Hampshire) has asked the Defense Department to provide information on how it handles security risks associated with DoD’s software platforms that have undergone foreign government reviews, Reuters reported Wednesday.
Shaheen’s Tuesday letter to Defense Secretary James Mattis came weeks after the news agency reported earlier this month that a Russian defense agency was permitted to assess the source code of Hewlett Packard Enterprise’s ArcSight software.
ArcSight is a cyber defense tool that DoD uses to safeguard its computer systems from cyber threats.
“I understand that individual businesses must make decisions weighing the risk of intellectual property disclosure against the opportunity of accessing significant overseas markets,” wrote Shaheen, a Senate Armed Services Committee member.
“However, when such products undergird [Defense Department] cyber defenses, our national security may be at stake in these decisions,” she added.
A spokeswoman for HPE said such source code reviews have occurred in Russia for years and that the company ensures the security of its products through close monitoring of such reviews and prohibiting any source code from leaving the premises, according to the Oct. 2 report.
HPE sold ArcSight to U.K.-based software firm Micro Focus International last year.