The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence is revealing details for an upcoming project on securing the software supply chain using a DevSecOps implementation approach. “To help improve the security of DevOps practices, the NCCoE is planning a DevSecOps project that will focus initially on developing and documenting an applied risk-based approach and recommendations for secure DevOps and software supply chain practices consistent with the Secure Software Development Framework (SSDF), Cybersecurity Supply Chain Risk Management...