To support the creation of software that is secure against cyber breaches and free of malicious code, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is working with industry partners through a consortium focused on improving software security.
The Software Supply Chain and DevOps Security Practices Consortium is part of NIST’s response to White House Executive Order (EO) 14306, Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144. As stipulated in the EO, the consortium will develop guidelines that demonstrate the implementation of best practices based on NIST’s Secure Software Development Framework (SSDF).
Led by NIST’s National Cybersecurity Center of Excellence (NCCoE), the consortium includes 14 member organizations.
National Institute of Standards and Technology

The National Institute of Standards and Technology (NIST) was founded in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major challenge to U.S. industrial competitiveness at the time — a second-rate measurement infrastructure that lagged behind the capabilities of the United Kingdom, Germany and other economic rivals. From the smart electric power grid and electronic health records to atomic clocks, advanced nanomaterials and computer chips, innumerable products and services rely in some way on technology, measurement and standards provided by the National Institute of Standards and Technology. Today, NIST measurements support the smallest of technologies to the largest and most complex of human-made creations — from nanoscale devices so tiny that tens of thousands can fit on the end of a single human hair up to earthquake-resistant skyscrapers and global communication networks.