US government extends software security deadline because vendors aren't ready
Vendors who sign the attestation forms acknowledge that their products adhere to the development standards in the NIST SSDF, which was released in February 2022. The goal is to protect government agencies from the growing threat of supply chain attacks, such as when malicious code was added to SolarWinds software, or the ongoing exploitation of a
Attestation forms are crucial "because the producer of that end product is best positioned to ensure its security," Young wrote.
Executives at companies that sell software to the federal government therefore need to ensure their developers are building secure software while balancing productivity and innovation, he said.
open-source software
The government and private sectors are pushing back against supply chain attacks in part by forcing software vendors, through attestation and 1, to better secure their products.
"Organizations who use open-source software need to also take accountability for securing what's in their supply chains," he said. The government also needs to work closely with the software industry on developing higher-level SBOM data. SBOMs are like the labels on food products: a list of the components that make up a software product, so that users know what's inside. The better the data, the more secure the software can be.
In addition, "SBOMs will have broader commercial implications, and industry has access to more data today." ®