If the U.S. intelligence community worries about Huawei and Kaspersky, DHS should worry about federal government use of certain foreign VPN apps, says Sens. Marco Rubio and Ron Wyden.

Despite significant improvements to government website encryption, some metadata is still transmitted insecurely, the Oregon Democrat said.

Mick Mulvaney revealed Thursday that the agency had suffered some 240 “lapses” in data security over an unspecified time period, in addition to a suspected 800 other such incidents.

Although Bugcrowd, HackerOne and Synack each follow a slightly different model, they each show what's working for bug bounty companies.

The General Services Administration removed Kaspersky Lab from its approved list of vendors, adding significant difficulty for federal agencies to buy and use the Moscow-based company's products.

The competition between the dozen-plus components was "good natured and healthy."