OpenSSF responds to CISA, advocates for a multifaceted approach to software identification

In October 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a white paper Software Identification Ecosystem Option Analysis. Following the release of that paper, the Department of Homeland Security (DHS), CISA's parent organization, initiated a request for comment (RFC), which closed last week.

advocates agency analysis cisa cybersecurity department department of homeland security devzone dhs ecosystem government homeland security identification infrastructure infrastructure security october open source openssf organization release request rfc security software software supply chain week white paper