Connect with us

Hi, what are you looking for?



CISA Announces Open Source Post-Election Auditing Tool

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this week announced the release of an open source post-election auditing tool in preparation for the 2020 elections.

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this week announced the release of an open source post-election auditing tool in preparation for the 2020 elections.

CISA says it has teamed up with election officials and their private sector partners to support their efforts in improving post-election auditing in future elections.

Called Arlo, the newly introduced auditing tool is being created by non-partisan, non-profit firm VotingWorks, which is committed to developing secure election technology. The tool includes support for various types of post-election audits across numerous voting systems, including major vendors.

Arlo is built on auditing work performed by Colorado, which in 2017 implemented rigorous Risk-Limiting Audits (RLAs) and conducted audits in over 50 of its 64 counties.

Considered the best safeguard against hacked or faulty voting systems, the RLA is efficient because it eliminates the need to manually recount every vote, VotingWorks explains.

The Arlo open source software is being offered for free to state and local election officials, and their private sector partners. State and local jurisdictions can also use a hosted Software-as-a-Service version of the tool, for a fee.

“Arlo provides an easy way to perform the calculations needed for the audit: determining how many ballots to audit, randomly selecting which ballots will be audited, comparing audited votes to tabulated votes, and knowing when the audit is complete,” CISA says.

Advertisement. Scroll to continue reading.

The initial version of Arlo has support for pilot post-election audits across the country, including several from this month’s elections. Election officials in Pennsylvania, Michigan, Missouri, Virginia, Ohio, and Georgia are among the partners of the pilot program, but some additional partners will be revealed within the following weeks.

“At a time when we know foreign actors are attempting to interfere and cast doubt on our democratic processes, it’s incredibly important elections are secure, resilient, and transparent. For years, we have promoted the value of auditability in election security, it was a natural extension to support this open source auditing tool for use by election officials and vendors, alike,” said CISA Director Christopher Krebs.

Related: Threat to US Elections Not Limited to Russia in 2020

Related: Securing the 2020 Elections From Multifarious Threats

Related: New Election Systems Use Vulnerable Software

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.