CISA, NSA Unveil Recommended Security Practices for Software Suppliers

1 min read

The Cybersecurity and Infrastructure Security Agency, the Office of the Director of National Intelligence and the National Security Agency have jointly published a recommended security practices guide intended for software suppliers.

The document, titled “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers,” outlines suggested procedures for software security checks and vulnerability response and management, the NSA said Monday.

NSA said that software suppliers act as a link between customers and developers and must implement additional security features to eliminate vulnerabilities.

The guidance was developed through the Enduring Security Framework, a public-private partnership that develops guidelines for securing the U.S. critical infrastructure and improving national security.

The framework is the second portion of a three-part joint publication series from ESF. The partnership released a version of the guidance for software developers in September and will unveil an edition for software customers in the future.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Cybersecurity