Rancher Government Solutions, a company focused on delivering secure, open source technology to the public sector, has teamed with the Linux Foundation, an open source technology consortium.

The collaboration allows RGS to add the complete portfolio of the Linux Foundation’s e-Learning courses to specific support subscriptions, the Reston, Virginia-based company announced on Monday.

“Cloud Native technology like Kubernetes require new skills. We are committed to enabling our customers to build those skills as part of their application modernization journey,” said Ben Zifrony, regional vice president of channels and alliances at RGS.

The Linux Foundation’s open source model promotes software enhancement by allowing freely available code to be modified and updated, unlike private architectures, which can impose limitations on change and growth in technology.

“Partnering with RGS to support the U.S. Government in their adoption of open source through secure tools and training is critically important,” said Clyde Seepersad, senior vice president and general manager of training and certification at the Linux Foundation.

The partnership follows RGS’ confirmation of multiple Security Technical Information Guide validations from the Defense Information Systems Agency for its Kubernetes technologies.

In April, the company’s Multi-cluster Manager version 2.6, which allows Department of Defense information technology specialists to integrate cluster deployment of bare metal, public and private clouds, vSphere and at the edge, received STIG approval.

RGS also received STIG validation for its RKE2 Kubernetes distribution, which made the organization the sole company offering a DISA-approved Kubernetes distribution STIG.

The Linux Foundation has also been working to bolster software security. In a collaboration with the Open Source Software Security Foundation, the organization has helped create a plan to enhance the security of open source software.

Priorities within the plan include securing open source security production, enhancing vulnerability discovery and remediation and accelerating ecosystem patching response time.

The Office of Management and Budget has issued a memorandum directing federal agencies to submit by May 4, 2023, an inventory of information systems and related assets containing cryptographic systems that could be decrypted by quantum computers as part of the transition to post-quantum cryptography.

OMB Director Shalanda Young wrote in the Friday memo that agencies are expected to submit the inventory of such assets on an annual basis through 2035.

Agencies should appoint an official to oversee cryptographic inventory and migration efforts within 30 days of the memo’s publication.

The document directs the Office of the National Cyber Director to issue instructions concerning the collection and transmission of the inventory and procedures related to funding assessments within 90 days.

According to the memo, the National Institute of Standards and Technology should develop within 60 days a mechanism to facilitate the sharing of PQC best practices and testing data among agencies and with industry partners.

The Cybersecurity and Infrastructure Security Agency should introduce within a year a strategy on automated tooling and support for the assessment of agencies’ progress when it comes to PQC adoption.

The U.S. Air Force’s 59th Test and Evaluation Squadron has made a contribution to Crowd-Sourced Flight Data by equipping the initial set of Combat Air Forces F-35 fighter jets with the Quick Reaction Instrumentation Package.

QRIP is a device that can collect a terabyte of data each flight, providing developers access to large volumes of data within minutes to accelerate software development and mission reprogramming changes and speed up the development and delivery of data products to pilots and intelligence officers.

“QRIP captures data that is currently not being recorded, or being discarded at the cutting room floor, and makes it available and accessible at the speed of relevance,” Lt. Col. Nathan Malafa, 59th Test and Evaluation squadron commander.

QRIP has been installed in 19 CAF F-35 jets and the Air Force said it plans to expand the deployment of the instrumentation package to other fighter planes and platforms.

“The more data we can collect from the Air Force’s diverse portfolio puts the ‘crowd’ in CSFD and amplifies data sets we can use to gain competitive advantage against our adversaries and competitors,” noted Malafa.

The National Security Agency and the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security have unveiled supply chain best practices for customers. 

The document, titled “Securing the Software Supply Chain: Recommended Practices for Customers,” aims to foster communication between software developers, suppliers, customers and cybersecurity professionals that may facilitate streamlining the software supply chain process, NSA said Thursday. 

NSA said customers should examine threats by conducting supply chain risk management activities and define risk profiles during the security requirements process.

Enduring Security Framework is a public-private partnership that issues suggestions for securing the U.S. critical infrastructure and improving national security. The NSA and CISA guidelines were developed via collaboration with ESF.

The framework is the last segment of ESF’s three-part joint publication series. The partnership released a version of the guidance for software developers in September and will debut an edition for software customers in the future.