NIST: Adopt a Secure Software Development Framework (SSDF) to Mitigate Risk of Software Vulnerabilities

Jason Green | June 11, 2020 | devops frameworks, Everything Open Source, government, government open source software (GOSS), Industry commentary, NIST, open source goveranance, Open Source Security

This Spring, the National Institute of Standards and Technology (NIST), released updated recommendations (.pdf) to improve software resilience against vulnerabilities. This builds on an earlier, four-part framework released last year. As the ...

Sonatype Blog

Federal DevSecOps Leaders: It’s Time to Join The Conversation

April Downey | April 10, 2020 | COVID-19, devops in government, DevSecOps, DevSecOps Leadership Forum, government, government open source software (GOSS), News and Views

Over the past three years, we’ve held the Federal DevSecOps Leadership Forum in Washington, D.C., where government decision-makers come together and share their DevSecOps journeys on stage with government leaders across the ...

Sonatype Blog

NIST Proposes Standards to Secure Government SDLC

Katie McCaskey | July 31, 2019 | component governance, Everything Open Source, government open source software (GOSS), Industry commentary, open source, open source goveranance, Open Source Security

Earlier this Summer, the National Institute of Standards and Technology (NIST), a part of the U.S. Chamber of Commerce, proposed a set of standards to address software supply chain attacks - and ...

Sonatype Blog

government open source software (GOSS)

NIST: Adopt a Secure Software Development Framework (SSDF) to Mitigate Risk of Software Vulnerabilities

Federal DevSecOps Leaders: It’s Time to Join The Conversation

NIST Proposes Standards to Secure Government SDLC

The Future of Multi-Cloud Security: A Look Ahead at Intelligent Cloud Security Posture Management Solutions

Prevent Catastrophic Data Loss in the Cloud

CISO Roundtable: What We’ve Heard, and What We’re Looking Forward To