NIST sets parameters for software supply chain project, building on work from cyber executive order

By Sara Friedman / November 11, 2022 at 9:00 AM
The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence is revealing details for an upcoming project on securing the software supply chain using a DevSecOps implementation approach. “To help improve the security of DevOps practices, the NCCoE is planning a DevSecOps project that will focus initially on developing and documenting an applied risk-based approach and recommendations for secure DevOps and software supply chain practices consistent with the Secure Software Development Framework (SSDF), Cybersecurity Supply Chain Risk Management...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.