SD Times

NIST publishes new draft framework for integrating supply chain security into CI/CD pipelines

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
CSOonline

NIST provides solid guidance on software supply chain security in DevSecOps

Key recommendations from the NIST’s latest guidance and why they are relevant to modern organizations developing and delivering software. Software supply chain (SSC) attacks continue to be one of the ...
CSOonline

NIST workshop provides clues to upcoming software supply chain security guidelines

President Biden’s wide-ranging cybersecurity executive order (EO) issued in May aims to improve software security through a series of guidelines. As the EO directed, the National Institute of ...
Government Executive

A Powerful Ally in Meeting NIST SSDF Code Security Requirements

Download Sonar’s concise guide from NIST for actionable practices to build secure software, meet regulatory requirements and reduce software vulnerabilities—essential reading for any development team ...