Software quality does not happen by accident; neither does security.
Security must be an integral part of software design and code specifications so that federal agencies have appropriate levels of cyber resilience and assurance to protect weapon systems and IT environments from cyber threats.
Software applications are easily exploitable by adversaries, because many organizations are not applying the proper measures and due diligence to discover and patch vulnerabilities, especially prior to use. Agencies must protect systems from both software vulnerabilities and unintended software processing that compromise availability, integrity and other security properties.
