Secure Software Self-Attestation Common Form

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

America's Cyber Defense Agency

On April 27, 2023, CISA in accordance with Executive Order 14028 and the Office of Management and Budget’s (OMB) guide in OMB M-22-18, Enhancing the Security of the Software Supply Chain through Secure Software Development Practices, released through regulations.gov a 60-day Request for Comment to solicit public feedback on a self-attestation form to be used by software producers. While OMB is responsible for setting the minimum secure software development practices, CISA is responsible for developing and maintaining the common form.

Secure Software Self-Attestation Common Form

Resource Materials