Software security
SolarWinds Complies With CISA Self-Attestation Form Requirement
SolarWinds has submitted a self-attestation form to the Cybersecurity and Infrastructure Security Agency, confirming that the company’s software products were built using secure development practices.
According to the company, it is the first software provider to comply with the CISA requirement to submit the Secure Software Development Attestation Form through the Repository for Software Attestations and Artifacts.
The attestation form submission covers various software solutions, including Hybrid Cloud Observability version 2024.1, Hybrid Cloud Observability modules, SolarWinds Observability and IT Service Management, SolarWinds said.
The form, released on March 11, was created in partnership with the Office of Management and Budget and was based on the National Institute of Standards and Technology’s Secure Software Development Framework.
CISA developed the attestation form in support of the Department of Homeland Security’s strategy to strengthen the resilience of the software supply chain to cyberattacks, enhance information sharing between the public and private sectors, and take a proactive approach to combat cyberthreats.
Tim Brown, vice president of security at SolarWinds, said complying with the latest CISA guidelines reflects the company’s commitment to protect its global digital infrastructure.
In 2020, a cyber incident compromised SolarWinds’ Orion IT monitoring software, impacting nearly 100 organizations in the public and private sectors.
Category: Cybersecurity