PUBLICATION

Defending Against Software Supply Chain Attacks

Related topics:

Information and Communications Technology Supply Chain Security

This resource, released by CISA and the National Institute of Standards and Technology (NIST), provides an overview of software supply chain risks and recommendations on how software customers and vendors can use the NIST Cyber SCRM (C-SCRM) Framework and the Secure Software Development Framework (SSDF) to identify, assess, and mitigate software supply chain risks. It also provides in-depth recommendations and key steps for prevention, mitigation, and resilience of software supply chain attacks.

Defending Against Software Supply Chain Attacks

Resource Materials

Tags

SBOM Sharing Roles and Considerations

SBOM-a-Rama February 2024 Session Presentations

Secure Software Development Attestation Form

SBOM Listening Sessions 2022

Defending Against Software Supply Chain Attacks

Resource Materials

Tags

Related Resources

SBOM Sharing Roles and Considerations

SBOM-a-Rama February 2024 Session Presentations

Secure Software Development Attestation Form

SBOM Listening Sessions 2022