“It then defines eleven tasks and techniques which comprise the recommended software verification minimums.”

And there remains the challenge of software supply chain security when using modern code libraries and practices, like GitHub or Bitbucket. The challenge remains that these organizations can’t hire enough qualified and highly cleared developers to develop, test, and deploy software within highly cleared environments.

NIST published standards for vendor testing of SW Source Code.

For agencies and organizations that deal with highly secure environments, it's going to take ingenuity to be able to follow these standards and practices. NIST is creating and outlining workable frameworks to guide our government into true best practices for software development.

What does this mean for development of critical software and DevSecOps?

Executive Order 14028 was created to shore up cybersecurity for the US Government. The Cybersecurity Executive Order dictated publishing guidance outlining security measures for critical software, on Day 60 (see highlighted section in the image below), including vendor testing of source code, published July 11, 2021.