NIST Guidance Raises Bar For Federal Software Supply Chain


The National Institute of Standards and Technology (NIST) released long-awaited guidance on secure software development practices on Friday, formalizing recommendations that ask firms selling software to the government to implement a software bill of materials (SBOM) and test for threats in compiled software binaries.

The new guidelines were part of a trove of documents that NIST published late last week, meeting a deadline first laid out in President Biden’s Cyber Executive Order in May 2021. But the published documents still leave questions unanswered, including who gets to attest to the security of software purchased by government agencies and the status of code developed by the government itself.
