The US has failed to take the offensive cyber products to the Wassenaar agreement. That means that the State Department and the Pentagon are looking for an alternative framework, they might find it in ITAR [International Traffic in Arms Regulations]. The ITAR is a set of United States Government regulations on the export and import of military related articles and services. It can contain the offensive technologies and give the US control over them. It allows the US to use ITAR to control the export of those technologies.”]
Source: https://securityaffairs.co/wordpress/42333/uncategorized/itar-as-cyber-arms-control.html