Cleared for takeoff: Meeting TSA’s new cybersecurity requirements

Kaylin Trychon, VP of Marketing and Communications
July 10, 2023

I’ve spent my life surrounded by aviation. My father is a pilot, and growing up I would make him take me up in his Cessna every chance I could. While it may seem counterintuitive to most, I feel safest when I’m up in the air. It is rare for my personal passions and professional work to overlap, so when the Transportation Security Administration (TSA) issued new cybersecurity requirements for airport and aircraft security emphasizing the importance of secure software development practices, I took notice. 

After a string of high-profile security incidents and the Biden Administration’s push to bolster all aspects of critical infrastructure cyber defense, it comes as no surprise that the TSA issued updated requirements for the aviation sector. These updates will have significant impacts on IT, security, and compliance teams across the sector. According to the TSA breakdown, these requirements could apply to 80 airports, 21 passenger airlines and four cargo lines.

The amendment focuses on network segmentation, access control, continuous monitoring and threat detection, and patch management. Specifically, the patch management requirement aims to minimize the risk that unpatched systems are exploited by applying timely security updates using a risk-based approach.

This means that organizations operating in the aviation industry must prioritize their patching efforts based on the potential impact of vulnerabilities and the likelihood of exploitation.

Soar to zero known vulnerabilities today

We know CVE sprawl is a major problem facing organizations of all sizes that are trying to meet various regulatory mandates, whether it is the new TSA requirements, FedRAMP or software self-attestation. Engineering teams are required to spend their resources and time triaging CVEs just to get production environments in shape to meet these requirements. Once a CVE is patched, more are already on the way. In fact, recent research from Chainguard Labs found that popular container images, when not updated, accumulate one known vulnerability per day.

This is where Chainguard Images can help. Because of the way we build and ship secure base images directly from the source, continuously, our solution is designed to help the aviation sector save time and speed up or maintain compliance. Our suite of minimal, hardened container images is continuously updated and tested for security and only contains what is required to build or run an application—delivering on average a 97.6% reduction in CVEs.

We also provide organizations with an SLA for vulnerability remediation. This means that if a vulnerability is detected in one of our images, we'll remediate it within a specified timeframe, ensuring that our customers can deploy our images with confidence. This dramatically limits noise from your scanners, so when CVEs do show up, you can be confident that they’re real and need attention. Chainguard Images also include cryptographic signatures and come with SBOMs at build-time so developers can be confident that they're building with a secure foundation. 

Takeoff with Chainguard Images 

Chainguard Images can serve as a robust tool to help enable aviation companies to enhance their container security and meet the new TSA requirements effectively. Chainguard Images integrate seamlessly into existing containerized environments and provide an array of features specifically designed to simplify vulnerability patching and risk management.

Don’t just take my word for it. Chainguard Images were recently accepted into Platform One, the U.S. Air Force’s (USAF) DevSecOps platform. Chainguard Images, including Python and Node, are now available on Platform One through Iron Bank, its authorized container repository. 

As the industry navigates an increasingly complex cybersecurity landscape, it is vital for aviation companies to stay ahead of potential threats and meet regulatory requirements set by the TSA and other federal agencies. Chainguard Images provide a comprehensive, fast-acting solution for reducing vulnerabilities and enabling aviation companies to fulfill the TSA's newly issued requirements.

By partnering with Chainguard and adopting Chainguard Images, aviation companies can establish a robust container security framework that not only meets regulatory demands but also safeguards against emerging cyber threats, bolstering their overall security posture and reinforcing trust in the aviation industry's software supply chain. 

Interested in how we approach building our Images and what makes them more secure than the alternative options? Check out this demo session with Chainguard CEO Dan Lorenc.  

If you want to learn more about Chainguard Images, our catalog, or custom pricing for SLAs, contact our team.
