×

Get the Best GovCon News Straight to your Inbox

Cybersecurity

Security Agencies Post Compendium of Software Security Best Practices for Developers

Supply chain security

guidance

Security Agencies Post Compendium of Software Security Best Practices for Developers

A trio of federal security entities has published guidance on how the developer community can better protect the software supply chain.

The document, titled “Securing the Software Chain for Developers,” resulted from a collaboration among the National Security Agency, Cybersecurity and Infrastructure Agency and the Office of the Director of National Intelligence.

Specifically, the paper is a product of the Enduring Security Framework public-private working group led by NSA and CISA.

The document offers industry and government-evaluated recommendations and serves as a compendium of existing resources for developers, NSA said Thursday.

In the 64-page document, ESF noted that President Joe Biden’s May 2021 executive order directed the federal government to better secure the software supply chain.

Biden called for systematic reviews, process improvements and new security standards for agencies procuring software products.

ESF said that software chain flaws are emphasized by cyberattacks like the Russia-linked SolarWinds hack and the vulnerability exploits like Log4j, which impacted many applications.

The guidance is only the first in a three-part series. ESF will publish two others: one targeted at software suppliers and another at software customers.

ESF added that the document furthers the respective cybersecurity missions of NSA, ODNI and CISA, including the issuance of cybersecurity recommendations and mitigations.

GovCon Wire Logo

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Category: Cybersecurity

Tags: CISA cybersecurity Enduring Security Framework guidance NSA ODNI software SolarWinds supply chain security

The Ultimate Guide to Winning Government Contracts Let us show you how top executives are winning so you can replicate it