
Special Bulletin Review: How the Army is rewiring command and control for the future fight

By: wfedstaff
5 December 2025 at 13:16

The Army’s Next Generation Command and Control (NGC2) initiative isn’t just a tech upgrade — it’s a full-stack transformation of how the force fights, communicates and makes decisions.

Our new Special Bulletin Review dives into how the Army Futures Command, PEO C3N and the 4th Infantry Division are collaborating with industry to build a scalable, data-centric ecosystem. It must support artificial intelligence, enable rapid decision-making and withstand contested environments.

What Army leaders told us:

  • “The first time soldiers are seeing it is immediately upon contract award.” — Col. Chris Anderson, NGC2 program manager, Program Executive Office for Command, Control, Communications and Network
  • “We’re doing this every day. … You have to fail a little bit.” — Lt. Col. Nate Platz, deputy chief of staff for NGC2 for the 4th Infantry Division
  • “Success looks like data free flowing across the battlefield.” — Anthony Nigara, vice president of business development, sales and strategy, L3Harris Technologies
  • “This is the most significant transformation of command and control in the service’s history.” — Brig. Gen. Mike Kaloostian, director of the C2 Cross-Functional Team, Transformation and Training Command

Get insights into Ivy Sting exercises, multivendor contracting strategies, how the Army is preparing for AI-enabled warfare and more.

Download the e-book now!

The post Special Bulletin Review: How the Army is rewiring command and control for the future fight first appeared on Federal News Network.

© Federal News Network


Here’s How Much Your 1,000 to 5,000 XRP Could Be Worth if JPMorgan’s XRP ETF Forecast Plays Out

5 December 2025 at 09:07

The debut of XRP ETFs has revived optimism in the market, especially as these products continue to attract large amounts of capital. For context, since their launch, the funds have pulled in roughly $666 million across 11 trading sessions.


Top Portfolio Manager Michael Gayed Hints at XRP Involvement as ETF Inflows Hit $887M

5 December 2025 at 05:23

Prominent portfolio manager Michael Gayed, known for overseeing ETFs such as FMKT and ATACX, has hinted at a potential move into XRP. In a tweet on Thursday, Gayed posted a cryptic message, saying he “might do something related to XRP.” The comment gained traction across the XRP ecosystem.



Space-routed internet moves to the mainstream

By: Tom Temin
4 December 2025 at 12:00

Amazon might be most known for how it has mastered the logistics of moving millions of items on the ground. But it’s also active in space, in a race to build out the next generation of enterprise communications capabilities.

Amazon Leo, formerly known as Project Kuiper, has already put some 150 satellites into low earth orbit (LEO), according to its principal business development lead, Rich Pang. Leo’s goal, Pang said, is to “enable connecting folks who don’t have connectivity or who have poor connectivity.”

Operating at a height of about 600 kilometers, the satellites’ RF links “are easily done with small terminals and, because of that closeness to earth, [with] high throughput and low latency,” he said.

Those customers include enterprises as well as the Defense Department and federal national security agencies.

“We know that the defense and national security apparatus is not a fixed force, it’s a mobile force,” Pang said. “It requires multi domain connectivity to ensure that airplanes, ships, trucks, command vehicles are always connected, not only in receiving information, but getting commands out to the field as well.”

He said Leo augments communications capabilities the military and national security components already have with “more resilient and secure connectivity to ensure they have that ability to connect all those operations regardless of which domain they operate in.”

Remote regions of the oceans where the Navy operates come to mind, but land areas also have connectivity gaps, or ground-based comms get knocked out.

“You can’t have guaranteed fiber connectivity or usual connectivity that you’re used to having back at home station,” Pang said. “It’s important to have very flexible types of comms that can respond rapidly to wherever they need to deploy forces.”

“I often think about our first responders, or disaster response customers that have multiple systems at any given time to ensure they have connectivity,” he added.

They already have their radios, microwave and cellular connections. Now, Pang said, “in the event any of those are taken down, they have to have satellite as a backup.”

Resilient, redundant

The addition of LEO satellites, with their low latency relative to geosynchronous satellites, contributes to what Pang called next generation connectivity. It’s marked by resiliency because of the alternate pathways for data movement the satellites bring.

Optical links among the satellites themselves contribute to the resiliency, Pang said. Inter-satellite pathways “remove congestion from certain ground points [and] allow us to have multiple paths to move information … not only on the ground but in space as well.”

Rather than operate as a separate entity, the satellite comms integrate with terrestrial capabilities and, for that matter, to commercial computing clouds, Pang said.

To ensure compliance with customers’ security requirements, Pang said, Leo operates within “this private connectivity directly into the cloud services … for our customers who are seeking secure solutions.” He noted that some industries have security needs at least as rigorous as the FIPS (Federal Information Processing Standards) requirement of the government.

As a managed service, Pang said, Leo constantly optimizes itself to maintain maximum use of its available bandwidth.

“It’s got varying geometries. It’s got varying frequencies,” he said. “And so inherently, these types of capabilities also make it more secure in that it helps reduce interference, whether meaningful or unintended.”

Beyond that, the Leo satellites fit a general trend toward internet protocol (IP) as the basis for all communications, whether voice or data: multiprotocol label switching (MPLS) gives way to IP and software-defined wide area networks.

“I think this opens up the aperture to incorporate a lot of different capabilities throughout the many domains [the DoD] operates and also shorten the timeline in which they get that information from sensors to processing centers to engagement vehicles,” Pang said.

Grand orchestration

Therein lies the importance of redundancy and resiliency, especially in austere or contested environments. Pang described those qualities as “not being locked into a single architecture, but rather having many choices, having alternative to getting your information where it needs to go.”

“Resiliency, in my mind, is creating a dynamic system that allows you to choose the best path to take when you’re moving information around,” he added.

Pang said the government has been working continuously on how to integrate disparate networks and applications at the terminal level, where single apertures work across multiple networks. This requires “an orchestration of all those capabilities to build that resiliency into the broader architecture that the Defense Department is trying to deploy now.”

Signal interruptions, whether caused by weather or by deliberate adversary interference, occur regularly in defense and national security situations.

“The system is designed to always sense for interference, whether it’s intentional or not,” Pang said. “It’s sensing for weather interference. It’s sensing for intentional interference, so it always knows that it needs an alternate path.”

Sensing and rerouting happen automatically, he said. The system “always knows that if I have interference in a particular path, it knows to look for the alternative or the tertiary path. The system is designed to constantly be optimizing itself very rapidly to ensure that that interference is dealt with.”

Pang said Amazon’s LEO satellites strengthen an important link in the information-to-decision chain. Once data from various sources arrives where it’s needed, “there are a lot of fusion engines, whether they sit on premises, in the cloud or even at the tactical edge.”

Leo is concerned with the movement of the data to those fusion sites.

“Our play is getting information to where it needs to be, whether it’s at the tactical edge or back to a data center to be fused, processed and then redistributed,” Pang said. “As the transport layer, not only can we get all that information back, we can help redistribute that information very quickly to the tactical user, so that commanders can make decisions in a much shortened timeline.”

The post Space-routed internet moves to the mainstream first appeared on Federal News Network.

© Federal News Network


Risk and Compliance 2025 Exchange: Diligent’s Jason Venner on moving beyond manual cyber compliance

The Pentagon is taking a major step forward in modernizing how it addresses cybersecurity risks.

Defense Department officials have emphasized the need to move beyond “legacy shortcomings” to deliver technology to warfighters more rapidly. In September, DoD announced a new cybersecurity risk management construct to address those challenges.

“The previous Risk Management Framework was overly reliant on static checklists and manual processes that failed to account for operational needs and cyber survivability requirements,” DoD wrote at the time. “These limitations left defense systems vulnerable to sophisticated adversaries and slowed the delivery of secure capabilities to the field.”

Weeding through legacy manual processes

The legacy of manual processes has built up over decades. Jason Venner, a solutions sales director at Diligent, said agencies have traditionally relied on people and paperwork to ensure compliance.

“It’s no one’s fault,” Venner said during Federal News Network’s Risk & Compliance Exchange 2025. “It just sort of evolved that way, and now it’s time to stop and reassess where we’re at. I think the administration is doing a pretty good job in looking at all the different regs that they’re promulgating and revising them.”

Venner said IT leaders are interested in ways to help streamline the governance, risk and compliance process while ensuring security.

“Software should help make my life easier,” he said. “If I’m a CIO or a CISO, it should help make my life easier, and not just for doing security scans or vulnerability scans, but actually doing IT governance, risk and compliance.”

Katie Arrington, who is performing the duties of the DoD chief information officer, has talked about the need to “blow up” the current RMF. The department moved to the framework in 2018 when it transitioned away from the DoD Information Assurance Certification and Accreditation Process (DIACAP).

“I remember when we were going from DIACAP to RMF, I wanted to pull my hair out,” Arrington said earlier this year. “It’s still paper. Who reads it? What we do is a program protection plan. We write it, we put it inside the program. We say, ‘This is what we’ll be looking to protect the program.’ We put it in a file, and we don’t look at it for three years. We have to get away from paperwork. We have to get away from the way we’ve done business to the way we need to do business, and it’s going to be painful, and there are going to be a lot of things that we do, and mistakes will be made. I really hope that industry doesn’t do what industry tends to do, [which] is want to sue the federal government instead of working with us to fix the problems. I would really love that.”

Arrington launched the Software Fast Track initiative to once again tackle the challenge of quickly adopting secure software.

Evolving risk management through better automation, analytics

DoD’s new risk management construct includes a five-phase lifecycle and a set of core principles, including automation, continuous monitoring and DevSecOps.

Arrington talked about the future vision for cyber risk management within DoD earlier this year.

“I’m going to ask you, if you’re a software provider, to provide me your software bill of materials in both your sandbox and production, along with a third-party SBOM. You’re going to populate those artifacts into our Enterprise Mission Assurance Support Service,” she said. “I will have AI tools on the back end to review the data instead of waiting for a human and if all of it passes the right requirements, provisional authority to operate.”

Venner said the use of automation and AI rests on a foundation of data analytics. He argued that successful use of AI for risk management will require purpose-built models.

“Can you identify, suggest, benchmark things for me and then identify controls to mitigate these risks, and then let me know what data I need to monitor to ensure those controls are working. That’s where AI can really accelerate the conversation,” Venner said.

Discover more articles and videos now on our Risk & Compliance Exchange 2025 event page.

The post Risk and Compliance 2025 Exchange: Diligent’s Jason Venner on moving beyond manual cyber compliance first appeared on Federal News Network.

© Federal News Network


XRP ETFs Approach $1B as Ripple CEO Says “We Are Still Early”

4 December 2025 at 02:21

XRP exchange-traded funds are rapidly nearing the $1 billion milestone, attracting bullish commentary from Ripple's CEO. The momentum builds on strong institutional demand and a wave of new listings from major traditional-finance players.


Learn more about FEP plans and why you should choose Blue Focus

By: wfedstaff
3 December 2025 at 11:49

Discover a plan that fits your lifestyle

The Blue Cross and Blue Shield Federal Employee Program (FEP) offers several great coverage plans for federal employees, retirees, and their families.

FEP Blue Focus® is an ideal choice for individuals and families who mainly use their benefits for free preventive care and have minimal prescription needs.

What you’ll love about Focus:

  • Lowest premium to keep your costs down
  • $10 per visit for the first 10 primary and specialist visits for each person on your plan
  • Lowest copay for urgent care centers

Open Season starts November 10, 2025, and ends December 8. Explore how FEP Blue Focus® fits your needs.

The post Learn more about FEP plans and why you should choose Blue Focus first appeared on Federal News Network.

© Federal News Network


Here is the List of All XRP ETFs Available to Vanguard’s 50M Clients

By: Lele Jima
3 December 2025 at 01:29

Amid Vanguard’s support for crypto ETFs, community figures have compiled a list of all XRP ETFs available to the asset manager’s 50 million clients. The crypto industry continues to celebrate Vanguard’s decision to allow its clients to trade crypto ETFs through their brokerage accounts.


XRP Becomes Second-Fastest Crypto to Cross $800M ETF Inflows

3 December 2025 at 00:25

The spot XRP ETFs became the second-fastest to cross the $800 million milestone, beating the products from Ethereum and Solana. After the debut of Bitcoin ETFs in January 2024, which opened the path for other crypto ETFs, Ethereum ETFs emerged in July 2024, and Solana products were the next to begin trading en masse in October 2025.


Expert Edition: How to modernize data for mission impact

By: wfedstaff
2 December 2025 at 13:10

Federal tech leaders are turning data into mission power.

Deliver faster. Operate smarter. Spend less. That’s the challenge echoing across federal C suites, and data modernization is central to the answer.

In our latest Federal News Network Expert Edition, leaders from across government and industry share how agencies are transforming legacy systems into mission-ready data engines:

  • Alyssa Hundrup, health care director at the Government Accountability Office, urges DoD and VA to go beyond “just having agreements” to share health care services and start measuring the impact of these more than 180 agreements: “There’s more … that could really take a data-informed approach.”
  • Duncan McCaskill, vice president of data at Maximus, reminds us that governance is everything: “Governance is your policy wrapper. … Data management is the execution of those rules every day. If you give AI terrible data, you’re going to get terrible results.”
  • Stuart Wagner, chief data and AI officer at the Navy, calls out the risks of inconsistent classification: “If the line is unclear, they just go, ‘Well, we can’t share.’ ”
  • Vice Adm. Karl Thomas, deputy chief of Naval operations for information warfare, highlights the power of AI and open architectures: “Let machines do what machines do best … so humans can make the decisions they need.”
  • And from the Office of Personnel Management, a full overhaul of FedScope is underway to make federal workforce data more transparent and actionable.

In every case: Data is the mission driver.

Download the full ebook to explore how these agencies are modernizing their data strategies!

The post Expert Edition: How to modernize data for mission impact first appeared on Federal News Network.

© Federal News Network


Manage your health with BCBS FEP.

By: wfedstaff
2 December 2025 at 09:00

Accessible benefits anytime, anywhere

Life is busy. Which is why the Blue Cross and Blue Shield Federal Employee Program (FEP) offers benefits designed for your convenience.

Our Nurse Line is on call 24/7

Get expert health advice from qualified registered nurses anytime, at no cost.

Telehealth visits at no cost to you

Connect with a doctor anytime by phone, video chat, or the Teladoc Health® app—for free.

Programs designed to help you feel your best

Take control of your health through any of FEP’s condition management programs. We offer personalized wellness support and resources to help you manage your weight, diabetes, or hypertension.

Open Season starts November 10, 2025, and ends December 8. Learn more about FEP’s convenient, anytime-anywhere benefits.

The post Manage your health with BCBS FEP. first appeared on Federal News Network.

© Federal News Network


Model Shows XRP Price Could Hit $600 at 1 Elasticity if ETFs Absorb 74.5M XRP Daily

2 December 2025 at 04:12

A recent pricing model suggests that the XRP price could reach an ambitious three-digit level at high elasticity if ETFs absorb over 74 million tokens a day. Notably, the introduction of spot XRP ETFs has triggered confidence among investors, who now watch closely to see how these products might impact XRP's price once the broader market turns bullish and the funds gain real traction.


Vanguard Lists XRP ETFs for Clients as Inflows Exceed $756M

2 December 2025 at 02:43

The XRP community is buzzing as investment giant Vanguard has officially listed a full lineup of XRP spot ETFs on its brokerage platform. The listings appeared under Vanguard’s “Non-Vanguard Funds” section within the Digital Assets category.


Get rewarded for healthy habits. BCBS FEP: Here for you and your health.

By: wfedstaff
1 December 2025 at 09:00

Earn rewards for healthy activities

There’s a lot to consider when choosing your next health plan this Open Season. The Blue Cross and Blue Shield Federal Employee Program (FEP) offers benefits that reward you for completing activities that support your health.

Get $150 for completing your annual physical

Use it to pay for qualified and specific non-qualified medical expenses, eyewear, medications and more.

Earn $120 for completing Daily Habits

From eating better to managing stress, FEP Blue Basic® and FEP Blue Standard® members can get rewarded for completing three eligible goals in 2026.

Enjoy access to Blue365®

Treat yourself and your health through our exclusive discount program with hundreds of ways to save on everything from gym memberships and fresh meal kits to travel.

Open Season starts November 10, 2025, and ends December 8. Learn more about FEP plans and how these wellness rewards can support your health this Open Season.

The post Get rewarded for healthy habits. BCBS FEP: Here for you and your health. first appeared on Federal News Network.

© Federal News Network


Bitcoin & Ethereum Plunge: How Will Your Portfolio Survive?

1 December 2025 at 06:26

The crypto market took investors on a wild ride this past 24 hours, as a cascade of forced liquidations triggered a sudden 5% drop in total market capitalization. With more than $600 million wiped out and Bitcoin slipping below $87K, all eyes now turn nervously toward the Federal Reserve’s December 10 meeting, a potential game-changer for the entire crypto landscape. But calm traders know this dip is part of the game; here’s why patience might just be your best strategy.

Key Market Developments

The crypto market experienced a broad decline due to thin liquidity and heavy leverage, causing more than $600 million in liquidations. This sharp pullback dropped the total crypto market capitalization by about 5% to around $2.90 trillion.

The market is currently cautious ahead of the crucial Federal Reserve meeting scheduled for December 10, which is expected to strongly influence market sentiment and direction. No major news event triggered this immediate drop; instead, forced liquidations on derivatives platforms caused cascading selling pressure.

Despite a sharp decline, the Crypto Fear and Greed Index held steady at 20, showing that fear still reigns over the market.

Bitcoin and Ethereum Price Movements

Bitcoin slipped about 4.2% to approximately $86,200 during this period, losing around $4,000 within minutes, mainly due to leveraged selling amid thin liquidity. Ethereum dropped roughly 6% to near $2,833, reflecting similar selling pressure.

The decline was exacerbated by forced liquidations and a calm but cautious macro environment, with investors awaiting clarity on the Fed’s policy tone. November ended with significant losses for both BTC and ETH, with institutional outflows from related ETFs intensifying downward pressure.

Key On-Chain Bitcoin Metrics (Last 24 Hours)

From a purely psychological perspective, a sudden price drop when holding a long position is a very unpleasant experience. However, we do not trade based on fear or expectations here. Hopefully, you do too, dear reader, and have a clear, specific strategy in place — we trade Bitcoin (and other cryptocurrencies) while leaving all emotions outside the trading platform. For now, we are taking no action with the position and are calmly waiting.

Key On-Chain Ethereum Metrics (Last 24 Hours)

We are also holding our position in ETHUSD without taking any action and patiently waiting.

Dollar Index (DXY) and Reasons

The U.S. Dollar Index (DXY) remained near a three-month high, supported by anticipation of the Federal Reserve’s likely continued hawkish stance. A stronger dollar exerts downward pressure on cryptocurrencies as risk assets face headwinds amid tighter monetary policy expectations. The dollar’s strength is critical in crypto price dynamics, particularly amid macroeconomic uncertainty.

Top 5 Altcoin Performers (24h Volume Change and Comments)

Market and Price Predictions

Expert sentiment suggests that the outcome of the Fed’s December 10 meeting will be decisive. A dovish Fed could lift BTC towards $100,000-$105,000, while a hawkish stance might push prices further down toward $80,000. Ethereum’s price is expected to remain volatile, possibly testing lows around $2,800, before stabilizing as network upgrades and DeFi growth continue.

Promising Crypto Projects with High Growth Potential

  • Bitcoin: Continued dominance as a digital gold store of value.
  • Ethereum: Key Layer 1 blockchain with expanding DeFi and smart contract adoption.
  • Polygon (MATIC): Layer 2 scaling solution with growing user base.
  • Chainlink (LINK): Leading decentralized oracle network, vital for DeFi and smart contracts.
  • Avalanche (AVAX): High throughput blockchain supporting decentralized applications and enterprise use cases.

Conclusion

In a world where crypto prices can dance like nobody’s watching, remember: panic-selling won’t win you any trophies. Hold tight, stay savvy, and maybe keep a coffee ready for that Fed meeting; it’s shaping up to be more dramatic than your favorite Netflix thriller.

Source: Coincentral.com, Tradingview.com, Coinranking.com, Coingecko.com, Coinmarketcap.com

More about Crypto market.

Originally published at https://aipt.lt on December 1, 2025.


Bitcoin & Ethereum Plunge: How Will Your Portfolio Survive? was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.

XRP: 21Shares Says ‘Can You Keep a Secret?’

29 November 2025 at 02:14

The XRP community woke up to a cryptic message from prominent asset manager 21Shares. Specifically, in a post on X, 21Shares wrote, “Can you keep a secret?” However, it didn’t remain a secret for long as members of the community quickly deduced that the hint was related to 21Shares’ widely anticipated spot XRP ETF (TOXR).


Finance Expert Says 200% XRP Price Surge Is Extremely Conservative

28 November 2025 at 09:55

XRP supporters are once again drawing parallels between Bitcoin’s explosive post-ETF performance and what could happen next for XRP. Finance commentator Zach Rector says many investors are still underestimating how powerful ETF-driven demand can be.


ETFs Have Only a Few Options to buy XRP, And Escrow Isn’t One of Them: Analyst

28 November 2025 at 08:10

Rising questions about XRP's true circulating supply are fueling new debate among analysts as spot XRP ETFs continue purchasing XRP. XRP community figures Zach Rector and Chad Steingraber recently pointed out that ETFs have very few places to acquire XRP.


Why traditional black box testing is failing modern AppSec teams

By: Detectify
28 November 2025 at 06:08

Applications have long since evolved from monoliths into complex, cloud-native architectures, and the tried-and-true methods AppSec relies on are becoming dangerously outdated. For AppSec to keep pace, we must look beyond current tooling and revisit the fundamentals of DAST, the automated discipline of black box testing.

The basics of black box security testing

Before diving into modern challenges, let’s revisit the three pillars of any successful black box security test, a foundation that remains constant even as technology shifts:

  1. State: The application must be put into the specific condition that exposes a potential vulnerability (for example, authenticated, with an item already in the cart).
  2. Payloads: A relevant attack string must be sent to trigger the vulnerability. Payloads must be crafted to match the underlying technologies and the desired aggression (e.g., a harmless SLEEP versus a data-altering DELETE).
  3. Assertions: You need a reliable way to determine whether the payload succeeded. This can be as simple as seeing an injected <script>alert(1)</script> execute, or as involved as measuring response-time changes for a blind SQL injection.

These fundamentals are always constrained by two major resources:

  • Server load: Can the system (especially a production system) handle the load of testing? Testing production is often preferable because it holds the real business-critical data and staging is never truly equivalent to it, but that same data is what an overly aggressive scan can damage.
  • Scanning time & cost: Resources are finite. A scan running in a fast build pipeline needs a different time budget than one in a QA environment. Furthermore, computational costs for rendering, traffic, and even AI tokens must be factored in.
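The three pillars and the two budgets, as one runnable check. This is an added example, not Detectify’s code: the target is a constructed in-memory app (a login-gated search endpoint that builds SQL by string concatenation, plus a parameterised twin that the check must not flag), and the scanner reaches the authenticated state, sends a true/false payload pair, and asserts on the difference in results rather than on an error message, all within a time budget.

```python
import secrets
import sqlite3
import time


class VulnerableApp:
    """Constructed stand-in for a target with a login-gated search endpoint.
    The search handler builds SQL from the query string: the flaw to be found."""

    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE products (name TEXT, public INTEGER)")
        self.db.executemany(
            "INSERT INTO products VALUES (?, ?)",
            [("laptop", 1), ("phone", 1), ("internal-roadmap", 0)],
        )
        self.sessions = set()

    def login(self, user, password):
        if (user, password) == ("tester", "tester"):
            token = secrets.token_hex(8)
            self.sessions.add(token)
            return 200, token
        return 401, ""

    def run_query(self, q):
        sql = f"SELECT name FROM products WHERE public = 1 AND name LIKE '%{q}%'"
        return [row[0] for row in self.db.execute(sql)]

    def search(self, session, q):
        if session not in self.sessions:
            return 403, []
        try:
            return 200, self.run_query(q)
        except sqlite3.Error:
            return 500, []          # generic error: no stack trace to assert on


class HardenedApp(VulnerableApp):
    """Same endpoint with a parameterised query; the check below must not flag it."""

    def run_query(self, q):
        sql = "SELECT name FROM products WHERE public = 1 AND name LIKE ?"
        return [row[0] for row in self.db.execute(sql, ("%" + q + "%",))]


def boolean_sqli_check(app, budget_seconds=2.0):
    """State -> payloads -> assertion, under a time budget. Returns a finding or None."""
    deadline = time.monotonic() + budget_seconds

    # State: the endpoint only exists for an authenticated session.
    status, session = app.login("tester", "tester")
    if status != 200:
        return None

    # Payloads: a true/false pair that differ only in the injected condition.
    # The leading '%' keeps the original wildcard; '-- ' comments out the tail.
    base = "lap"
    payloads = {
        "true": base + "%' AND '1'='1' -- ",
        "false": base + "%' AND '1'='2' -- ",
    }

    # Assertion: differential. An injectable endpoint returns the baseline rows
    # for the true branch and nothing for the false branch.
    _, baseline = app.search(session, base)
    results = {}
    for name, payload in payloads.items():
        if time.monotonic() > deadline:
            return None         # budget exhausted: report nothing rather than guess
        _, rows = app.search(session, payload)
        results[name] = rows
    if baseline and results["true"] == baseline and results["false"] == []:
        return {"type": "boolean-based SQL injection", "param": "q",
                "evidence": {"baseline": baseline, **results}}
    return None


if __name__ == "__main__":
    print(boolean_sqli_check(VulnerableApp()))   # finding with evidence
    print(boolean_sqli_check(HardenedApp()))     # None
```

Because the assertion is differential (the true branch must reproduce the baseline and the false branch must return nothing), it does not depend on the server leaking a database error, which is exactly the signal that disappears once a WAF or a generic error page sits in front of the app.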

Why the old methods are breaking

The black box fundamentals are stable, but the applications we test have been completely revolutionized.

Monolithic legacy architecture (The “good old days”)

In the traditional LAMP stack world, things were simpler:

  • URL = State: Each state of the application was directly accessible via a URL.
  • Visible technology: The underlying tech stack was relatively easy to determine, and the alternatives were few.
  • Direct payload response: Payloads directly triggered the application you were testing, with minimal movement through system components.

Modern Application Architecture

Today, the architecture is complex and layered, breaking all the old assumptions:

  • URL ≠ State: Application state is now driven by actions (like clicking a button to add a product to a cart), not just URLs. Modern URLs often use fragments (#) and may change client-side via the JavaScript history API without triggering HTTP requests.
  • Hidden technology stack: Applications now consist of CDNs, cloud storage, container groups, message queues (like Kafka), and schedulers. The underlying tech is hidden and protected behind many layers.
  • Payloads trigger across components: A single payload might travel through a Kafka message bus and trigger in a separate system, potentially due to serialization/deserialization differences between coding languages, or even in a third-party service (e.g., a logging tool).

With architecture fundamentally changed, it is no wonder many black box tools, often based on decades-old underlying projects, are struggling to keep up.

The (very much) required shifts in black box methodology

To meet the challenges of modern apps, black box tools must evolve their approach to state, payloads, and assertions.

1. Generating State

  • Graph, not a tree: URL trees are obsolete. A modern web app must be modeled as a graph, where a node is a state and an edge is an educated guess of an action that modifies the state. This requires modeling both client-side and server-side state.
  • Recreation of state: You can no longer reliably recreate a state with just a URL or a HAR archive. Tools must replay the sequence of actions taken to reach a specific state.
  • Short-lived states: States are increasingly short-lived (e.g., JWTs with short TTLs), making it difficult for traditional crawlers to test them effectively later on.
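A state-graph crawler for the kind of application described above, added here as an illustration and not taken from the post. FakeSpa is a constructed single-page app whose URL stays at /#/shop while login and cart actions change the state; nodes are fingerprints of observed state rather than URLs, and every node keeps the action path that recreates it by replay.

```python
import hashlib
import json
from collections import deque


class FakeSpa:
    """Constructed single-page app. The URL fragment barely moves while the real
    state (login, cart) is driven by actions, so URL != state."""

    def __init__(self):
        self.url = "/#/shop"
        self.logged_in = False
        self.cart = []

    def snapshot(self):
        # What a scanner can observe: the route plus client/server state it can read.
        return {"url": self.url, "logged_in": self.logged_in, "cart": sorted(self.cart)}

    def available_actions(self):
        if self.url == "/#/checkout":
            return []                       # terminal view in this model
        actions = [] if self.logged_in else ["login"]
        actions += [f"add:{item}" for item in ("book", "pen") if item not in self.cart]
        if self.logged_in and self.cart:
            actions.append("checkout")
        return actions

    def do(self, action):
        if action == "login":
            self.logged_in = True
        elif action.startswith("add:"):
            self.cart.append(action[4:])
        elif action == "checkout":
            self.url = "/#/checkout"        # the only action that changes the URL
        else:
            raise ValueError(f"unknown action {action!r}")


def fingerprint(snapshot):
    """Node identity is the observed state, not the URL."""
    return hashlib.sha256(json.dumps(snapshot, sort_keys=True).encode()).hexdigest()[:16]


def replay(make_app, path):
    """Recreate a state from scratch by replaying the actions that reached it."""
    app = make_app()
    for action in path:
        app.do(action)
    return app


def crawl(make_app, max_states=500):
    """Breadth-first walk of the state graph: nodes are fingerprints, edges are
    actions, and every node stores the action path that recreates it."""
    start = fingerprint(make_app().snapshot())
    paths = {start: []}
    edges = []
    queue = deque([start])
    while queue and len(paths) < max_states:
        fp = queue.popleft()
        for action in replay(make_app, paths[fp]).available_actions():
            # Fresh replay per edge: no shared mutable app object between branches.
            nxt = fingerprint(replay(make_app, paths[fp] + [action]).snapshot())
            edges.append((fp, action, nxt))
            if nxt not in paths:
                paths[nxt] = paths[fp] + [action]
                queue.append(nxt)
    return paths, edges


def distinct_urls(make_app, paths):
    return {replay(make_app, path).url for path in paths.values()}


if __name__ == "__main__":
    paths, edges = crawl(FakeSpa)
    print(len(paths), "states reachable via", len(edges), "edges;",
          len(distinct_urls(FakeSpa, paths)), "distinct URLs")
```

Running it finds 11 distinct states behind only two URLs; a URL-tree crawler would see two pages. Storing the path rather than a captured state object is what addresses the short-lived-state point: replay re-performs the login, so a scanner that returns later with an expired token still reaches the state instead of testing a stale one.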

2. Crafting payloads

  • Context-aware payloads: Since the full stack is hidden, payloads must be designed to work in multiple contexts. A single string must survive serialization/deserialization across different programming languages as it propagates through the system and potentially triggers in a different software stack.
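An added example (not from the post) of a payload that has to survive a serialization hop and only fires out of band, which ties the context-aware payload point here to the delayed, out-of-band triggers discussed under making assertions. Everything is constructed: OrderPipeline is a toy API that JSON-encodes requests onto a queue, a worker decodes them, and a logging component resolves ${dns:host} lookups it finds in log lines (a Log4Shell-style sink); Collaborator plays the scanner-controlled pingback server, and the token-per-field scheme is an assumption for illustration.

```python
import json
import re
import uuid
from collections import deque


class Collaborator:
    """Scanner-controlled out-of-band listener (stand-in for a pingback/DNS server)."""

    def __init__(self, domain="oob.example.test"):
        self.domain = domain
        self.hits = {}                                  # token -> component that called out

    def host_for(self, token):
        return f"{token}.{self.domain}"

    def record(self, host, source):
        if host.endswith("." + self.domain):
            self.hits[host.split(".")[0]] = source


class OrderPipeline:
    """Constructed target: HTTP API -> JSON -> queue -> worker -> third-party logger.
    The API never interprets the field; the logger, several hops later, does."""

    def __init__(self, collaborator):
        self.collab = collaborator
        self.queue = deque()

    def create_order(self, body):
        if len(body.get("note", "")) > 200:
            return 400
        self.queue.append(json.dumps(body))             # serialization hop
        return 202                                      # accepted; nothing useful in-band

    def worker_tick(self):
        if not self.queue:
            return False
        event = json.loads(self.queue.popleft())        # deserialization hop, maybe another language
        self._log(f"order {event['id']} note={event.get('note', '')}")
        return True

    def _log(self, line):
        # Logger that "enriches" lines by resolving ${dns:host} lookups: the vulnerable sink.
        for host in re.findall(r"\$\{dns:([a-z0-9.-]+)\}", line):
            self.collab.record(host, "logger")


def send_probes(pipeline, collab, fields=("note",)):
    """Each field gets a unique token so a later hit can be tied back to the request."""
    sent = {}
    for field in fields:
        token = uuid.uuid4().hex[:12]
        payload = "${dns:" + collab.host_for(token) + "}"
        # Only characters JSON passes through unchanged, so the string survives the hop intact.
        assert json.loads(json.dumps(payload)) == payload
        pipeline.create_order({"id": token, field: payload})
        sent[token] = field
    return sent


def collect_findings(sent, collab):
    """Assertion step, run later: which tokens called home, and from which component."""
    return [{"field": field, "token": token, "triggered_in": collab.hits[token]}
            for token, field in sent.items() if token in collab.hits]


if __name__ == "__main__":
    collab = Collaborator()
    pipeline = OrderPipeline(collab)
    sent = send_probes(pipeline, collab)
    print("immediately after sending:", collect_findings(sent, collab))   # nothing yet
    while pipeline.worker_tick():
        pass
    print("after the queue drains:", collect_findings(sent, collab))
```

The in-band response is a bare 202 every time, so an assertion that only looks at the HTTP reply sees nothing. The finding appears when the queue is drained, possibly long after the scan request was sent, and the unique token is what lets the scanner say which request and which field caused the callback.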

3. Making Assertions

  • Delayed and out-of-band triggers: Payloads may now fire much later, possibly after being queued for processing or when rendered in a different view. Log4Shell (the Log4j vulnerability) was a clear example of payloads triggering deep within the architecture, where the only reliable assertion is out-of-band: a network pingback to infrastructure the scanner controls.
  • Noisier systems: Measuring system behaviour, such as using response time for blind SQL injection, is nearly impossible in an architecture built on message queues and load balancing, where latency noise swamps the signal.
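To make the noise argument concrete, an added simulation (not Detectify’s code) rather than live timing: NoisyTarget is a constructed latency model with heavy-tailed queueing delay and a slow replica behind the load balancer, and the two assertion functions compare the single-pair check older scanners use against an interleaved, median-based one across 200 reproducible targets.

```python
import random
import statistics

SLEEP_MS = 200.0
PAYLOAD = "x' AND sleep(0.2)-- "      # the model only keys on the word "sleep"


class NoisyTarget:
    """Constructed latency model of a queue-backed, load-balanced stack: a base cost,
    heavy-tailed queueing noise, and a slow replica hit by 10% of requests."""

    def __init__(self, vulnerable, seed):
        self.vulnerable = vulnerable
        self.rng = random.Random(seed)

    def request(self, payload):
        queueing = self.rng.expovariate(1 / 40.0)          # mean 40 ms, long tail
        slow_replica = 300.0 if self.rng.random() < 0.1 else 0.0
        injected = SLEEP_MS if self.vulnerable and "sleep" in payload else 0.0
        return 60.0 + queueing + slow_replica + injected


def naive_time_assert(target):
    """One benign request, one injected request, compare: a single 300 ms replica
    hit on the injected side looks exactly like a successful sleep."""
    benign = target.request("x")
    injected = target.request(PAYLOAD)
    return injected - benign > 0.8 * SLEEP_MS


def robust_time_assert(target, n=15):
    """Interleave n benign/injected pairs so drift and slow replicas hit both series
    alike, then compare medians, which a few outliers cannot drag."""
    benign, injected = [], []
    for _ in range(n):
        benign.append(target.request("x"))
        injected.append(target.request(PAYLOAD))
    return statistics.median(injected) - statistics.median(benign) > 0.7 * SLEEP_MS


def detection_rate(assert_fn, vulnerable, trials=200):
    """Fraction of independent targets the assertion flags (one seed per trial)."""
    return sum(assert_fn(NoisyTarget(vulnerable, seed=i)) for i in range(trials)) / trials


if __name__ == "__main__":
    for name, fn in (("naive", naive_time_assert), ("robust", robust_time_assert)):
        print(f"{name}: false positives {detection_rate(fn, False):.2f}, "
              f"detections {detection_rate(fn, True):.2f}")
```

The single-pair check reports injection on roughly one non-vulnerable target in ten, because the slow replica alone produces the 200 ms gap it is looking for; the median-of-interleaved-pairs check costs 30 requests instead of two, which is the scanning-time budget trade-off from the first section, but its false-positive rate collapses while it still finds the real sleep.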

The path forward

The key is not to “just AI everything,” but to strategically use advanced methods to optimize decision-making. We at Detectify have already begun rolling out a couple of next-generation assessment updates to address this, with Dynamic Payload Rotation as a prime example for our API Scanner, and many more are planned for early next year.

This feature utilizes a near-infinite pool of payloads, mixing constant checks with experimental variations. If an experimental payload succeeds, it is immediately reused in future tests for that tech stack. This form of unsupervised machine learning allows the scanner to gain a permanent testing edge, ensuring that the fundamentals of state, payload, and assertion evolve as fast as the applications they protect.
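The promotion loop described here, reconstructed as an added example from the description above. It is not Detectify’s implementation: the payload lists, the waf_fronted_target oracle (a constructed target that blocks a couple of substrings and reflects the rest) and keying the learned set by tech stack are assumptions for illustration.

```python
import random
from collections import defaultdict

CONSTANT_CHECKS = [                       # always sent: the cheap, well-understood baseline
    "<script>alert(1)</script>",
    '"><img src=x onerror=alert(1)>',
]
EXPERIMENTAL = [                          # sampled from on every run
    "<svg/onload=alert(1)>",
    "<details open ontoggle=alert(1)>",
    '<a href="javascript:alert(1)">x</a>',
    "<body onerror=alert(1)>",
]


def waf_fronted_target(blocked=("<script", "onerror"), vulnerable=True):
    """Constructed oracle: True when the payload reaches a reflecting sink unblocked."""
    def executes(payload):
        return vulnerable and not any(b in payload.lower() for b in blocked)
    return executes


class PayloadRotation:
    """Constant checks plus a rotating sample of experimental payloads; anything
    experimental that succeeds is promoted for that tech stack and sent first next time."""

    def __init__(self, constant, experimental, sample_size=2, seed=0):
        self.constant = list(constant)
        self.experimental = list(experimental)
        self.sample_size = sample_size
        self.learned = defaultdict(list)          # stack -> promoted payloads
        self.rng = random.Random(seed)

    def plan(self, stack):
        """Bounded request budget: constants + learned for this stack + a fresh sample."""
        fixed = self.constant + [p for p in self.learned[stack] if p not in self.constant]
        pool = [p for p in self.experimental if p not in fixed]
        return fixed + self.rng.sample(pool, min(self.sample_size, len(pool)))

    def run(self, stack, executes):
        findings = []
        for payload in self.plan(stack):
            if executes(payload):
                findings.append(payload)
                if payload not in self.constant and payload not in self.learned[stack]:
                    self.learned[stack].append(payload)     # promote immediately
        return findings


if __name__ == "__main__":
    rot = PayloadRotation(CONSTANT_CHECKS, EXPERIMENTAL, seed=1)
    print("first PHP target:", rot.run("php", waf_fronted_target()))
    print("plan for the next PHP target:", rot.plan("php"))
    print("plan for a Java target (nothing learned yet):", rot.plan("java"))
```

Against the constructed target both constant checks are blocked, so the first run finds something only through the experimental sample; from then on the winning variant is part of the fixed set for that stack, and the request budget per target stays at constants plus learned plus the sample size rather than the whole pool.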

 

The post Why traditional black box testing is failing modern AppSec teams appeared first on Blog Detectify.
