Authority to Operate (ATO) is a process that certifies a system to operate for a certain period of time by evaluating the risk of the system's security controls. ATO is based on the National Institute of Standards and Technology’s Risk Management Framework (NIST 800-37). In this podcast, Shane Ficorilli and Hasan Yasar, both with the Carnegie Mellon University Software Engineering Institute, discuss continuous ATO, including challenges, the role of DevSecOps, and cultural issues that organizations must address.
Enabling Transition From Sustainment to Engineering Within the DoD
The Silver Thread of Cyber in the Global Supply Chain
Measuring DevSecOps: The Way Forward
Bias in AI: Impact, Challenges, and Opportunities
My Story in Computing with Rachel Dzombak
Agile Strategic Planning: Concepts and Methods for Success
Applying Scientific Methods in Cybersecurity
Zero Trust Adoption: Benefits, Applications, and Resources
Uncertainty Quantification in Machine Learning: Measuring Confidence in Predictions
11 Rules for Ensuring a Security Model with AADL and Bell–LaPadula
Benefits and Challenges of Model-Based Systems Engineering
Fostering Diversity in Software Engineering
Can DevSecOps Make Developers Happier?
Is Your Organization Ready for AI?
My Story in Computing with Marisa Midler
Managing Vulnerabilities in Machine Learning and Artificial Intelligence Systems
AI Workforce Development
Moving from DevOps to DevSecOps
My Story in Computing with David Zubrow
Mission-Based Prioritization: A New Method for Prioritizing Agile Backlogs
Create your
podcast in
minutes
It is Free