Policy
Go-Live Checklist for Federal Websites
Covering the breadth of federal web policy, the new downloadable checklist organizes policy requirements into nine categories and explains what your agency needs to do to meet each requirement.
Security
Secure websites and a secure online presence foster trust between the public and government.
More News and Events on Security
100 posts
GSA’s Fedramp Celebrates 10 Years of Impact on Cloud Security
GSA’s FedRAMP Celebrates 10 Years of Impact on Cloud Security—Today, the Federal Risk and Authorization Management Program (FedRAMP) celebrates its 10-year anniversary. On December 8, 2011, the Office of Management and Budget (OMB) signed a memo establishing FedRAMP to provide a cost-effective, risk-based approach for the adoption and use of cloud services. This landmark reflects GSA and FedRAMP’s commitment to protecting public and federal information through supporting IT modernization and securing IT infrastructure. Over the past ten years, the program has seen an incredible increase in the adoption of FedRAMP-authorized services and will play a critical role in improving the nation’s cybersecurity.— via General Services Administration
Unique Vulnerability Counts with Container Scanning
Unique Vulnerability Counts with Container Scanning—As Cloud Service Providers (CSPs) start to submit their container vulnerability scans in order to meet Container Scanning Guidance requirements, stakeholders monitoring submissions should expect to see large increases in the number of unique vulnerabilities. Learn what’s different, and the potential impact for agencies and CSPs.— via FedRAMP
Privacy
Security is Everyone’s Responsibility: Delivering Secure, Usable Login for Government
How login.gov incorporated human centered design and continuous discovery into their product development process to improve the user experience.
The New FedRAMP.gov
The New FedRAMP.gov—FedRAMP is excited to announce the launch of our revamped website. Thanks to feedback from our partners and stakeholders, the website has an improved user experience that makes FedRAMP information and resources more accessible. The website provides more in-depth information about FedRAMP’s authorization process, enabling agencies, Cloud Service Providers (CSPs), and Third-Party Assessment Organizations (3PAOs) to easily access pertinent information related to their role in the FedRAMP Authorization process.— via FedRAMP
A Dashboard for Privacy Offices
A Dashboard for Privacy Offices—Through work funded by 10x, a team from 18F investigated how technology can help busy privacy offices manage your PII, and make their work more accessible and understandable for the public.— via 18F
TTS Bug Bounty Program: 3 Year Review
We’re reflecting on our Bug Bounty program for the last 3 years and highlighting some lessons learned.
Security
True Crime Detectives: How We Used Free Web Metrics Tools To Uncover a Cybersecurity Incident
Join USA.gov as we slowly uncover a conspiracy to scam Americans using fake government websites… and then try to foil the caper!
This summit brings together the federal community to share success stories and best practices for utilizing federal source code and open source software, and examine the implementation of the Federal Source Code policy.
2020
10x project teams will demonstrate their work to date and provide brief overviews of each project. We hope that these talks will highlight some of the most interesting work happening in government today and inspire others to submit ideas to 10x.
Watch Video
2020
Making .gov More Secure by Default
Making .gov More Secure by Default — The DotGov Program announces its intent to preload the .gov top-level domain in order to protect .gov site visitors.— via DotGov Registry
Building, deploying, and hosting fast, secure, and compliant federal web sites and applications with Federalist.
Watch Video
2020
Making Critical Government Information More Resilient
Making Critical Government Information More Resilient—A roundup of steps that federal agencies, and other government entities, can take right now to improve the resilience of their websites and serve information more efficiently to the people that need it.— via 18F
Learn how organizations can securely collaborate using cryptographic technologies.
Watch Video
2020
Login.gov has surpassed 20 million registered users
This week, Login.gov has surpassed 20 million registered users! 🎉 Congratulations to the team for hitting this milestone while keeping the product simple and secure for the public.— via Login.gov
Betsy Steele, of the Federal Risk and Authorization Management Program (FedRAMP) team, shares how a crowdsourcing initiative invited the larger cybersecurity community to help inform the next iteration of government’s cloud security authorization program.
Watch Video
2019
GSA Steps Up Security for .gov
GSA’s DotGov Program is modernizing the security of .gov to make government websites and systems more secure.
The Ethics Working Group in GSA’s Technology Transformation Service hosts a presentation about data trusts; a legal structure designed to manage data, code, and other digital assets.
Watch Video
2018
A Conversation With ITIF About the State of Federal Government Websites
Since it’s been nearly six months since their report was released, we wanted to check in with ITIF and see what they’ve learned, what they’ve heard from agencies and what their future plans are to build on this research.
The Data Briefing: How Blockchain’s Future Growth Will Affect Federal Agencies
Blockchains are an innovative technology which promises to radically change how society conducts business. It will take significant changes in organizational processes before agencies can begin to support blockchains.
