NSA shares cyber tool on agency’s corporate GitHub website

NSA 112A National Security Agency cyber tool that allows computer systems to maintain a specific security posture is now publicly available on GitHub, a website for sharing source code – making it easier for other government organizations and private industry to adopt the tool to help fortify their networks against cyber threats, the NSA announced July 9.

The technology – known as the Systems Integrity Management Platform, or SIMP – is considered a critical part of layered, “defense-in-depth” approaches to cybersecurity.  NSA has increasingly shared its research with the open-source software community, a move that can accelerate the development of innovative capabilities and solutions in both the public and private sectors.

SIMP is located on an NSA-wide GitHub page that the agency launched this spring:https://github.com/nationalsecurityagency. NSA’s Information Assurance Directorate established a page in December 2013: https://github.com/iadgov.

SIMP keeps networked systems compliant with given security standards.  In recent years, multiple government and industry organizations have developed technologies similar to SIMP in response to U.S. Defense Department and Intelligence Community compliance requirements.  By releasing SIMP, the agency seeks to reduce duplication of effort and promote greater collaboration within the community:  The wheel would not have to be reinvented for every organization.

“The open-source software method of transferring technology from the federal laboratory to the marketplace is extremely efficient,” said Linda Burger, Director of the NSA Technology Transfer Program.  “The open-source community can leverage the work that NSA has produced, and the government can benefit from that community’s expertise and perspective.  It’s a win for everyone – and for the nation itself.”

Source: National Security Agency