all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Secure Software Development Attestation Form: Sonatype helps you comply

Add to bookmarks
March 14, 2024, 8:15 p.m. | iturunen@sonatype.com (Ilkka Turunen)

Sonatype Blog blog.sonatype.com




On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) unveiled the final version of the Secure Software Development Attestation Form. This pivotal document, two years in the making, is set to transform the enforcement of minimum security standards for software purchased by US Federal agencies. Crafted in response to the Executive Order on enhancing national cybersecurity issued in 2021, the form requires vendors supplying software to federal entities to …

agency attestation budget cisa cisa best practices cybersecurity development document enforcement featured federal government infrastructure infrastructure security making management march news and views office office of management and budget omb secure software secure software supply chain security security standards software software development sonatype standards transform version

Visit resource

More from blog.sonatype.com / Sonatype Blog

Sonatype Lifecycle best practices: Getting started and managing SBOMs 1 day, 14 hours ago | blog.sonatype.com
applications best practices critical dependencies +13
DevOps pioneers navigate organizational transformation 1 week, 1 day ago | blog.sonatype.com
depth devops devops transformation download +13
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 1 week, 3 days ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 2 weeks ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 3 weeks ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 3 weeks, 4 days ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 3 weeks, 4 days ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 4 weeks ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 1 month ago | blog.sonatype.com
academic academic research advanced bills +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior InfoSec Manager - Risk and Compliance

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Security Analyst

@ Fortra | Mexico
View on infosec-jobs.com

Incident Responder

@ Babcock | Chester, GB, CH1 6ER
View on infosec-jobs.com

Vulnerability, Access & Inclusion Lead

@ Monzo | Cardiff, London or Remote (UK)
View on infosec-jobs.com

Information Security Analyst

@ Unissant | MD, USA
View on infosec-jobs.com
View more jobs