Dive Brief:
- The Department of Defense is streamlining its software-procurement approval process.
- The Pentagon on Monday announced that its “Software Fast Track Initiative” would define new requirements that software vendors must meet in order to sell their products to the DOD.
- The initiative comes as the Trump administration considers what to do with Biden-era software security programs.
Dive Insight:
One of the biggest questions about the Trump administration’s cyber policy agenda is what it will do with the Biden administration’s software security programs, including an attestation process for civilian vendors. Trump’s team has already begun changing the FedRAMP cloud security review program, seeking to increase automation and reduce wait times. Monday’s announcement of the DOD Software Fast Track Initiative extends that theme into the military procurement space.
“Lengthy, outdated cybersecurity authorization processes frustrate agile, continuous delivery,” acting DOD CIO Katie Arrington wrote in an internal announcement memo on April 24. Arrington also warned of the dangers of the government’s use of unvetted open-source software.
As part of the new initiative, DOD will spend 90 days defining cybersecurity and supply-chain risk management requirements that software must meet; the processes to verify that software meets the requirements; secure ways for companies to share attestation information with the military; and government-led “risk determinations to expedite the cybersecurity authorizations for secure, rapid software adoption.”
The Pentagon on Monday released three Requests for Information (RFIs) to gauge the tech industry’s ability to supply tools for the initiative.
DOD’s interest in sunsetting longstanding software approval processes could create opportunities for new vendors that have struggled with the current system. The fast-track program in particular could benefit startup companies, which might be able to respond more nimbly to the coming changes than their larger competitors.
An accelerated acquisition process could also introduce cybersecurity risks, however. It remains to be seen how much of an emphasis security will receive in the new procurement program. Given U.S. officials’ longstanding concerns about supply-chain integrity, it is likely that the process’s focus on supply-chain transparency will benefit companies with no ties to China or other U.S. adversaries. The announcement criticizes existing processes for incorporating “little to no supply chain visibility.”