Caute_cautim
Community Champion

Securing the Software Supply Chain

Hi All

 

Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance provides software developers and suppliers with industry best practices and principles, including managing open source software and software bills of materials (SBOM), to maintain and provide awareness about the security of software.

 

https://www.cisa.gov/news-events/alerts/2023/11/09/cisa-nsa-and-partners-release-new-guidance-securi...

 

Regards

 

Caute_Cautim

1 Reply
Early_Adopter
Community Champion

Good document - however, I wonder what the high scores will be on the Vulnerability Exchange (VEX)?

One year old, two years old... will anyone go three years and above asserting not vulnerable?