Federal agencies share supply chain security tips
September 7, 2022 |
On September 1st, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released tips for securing software supply chains. The guidance was designed by the Enduring Security Framework (ESF), a public-private partnership that addresses threats to US critical infrastructure.
The NSA said, “ Developers will find helpful guidance from NSA and partners on developing secure code, verifying third party components, hardening the build environment, and delivering the code. Until all DevOps are DevSecOps, the software development lifecycle will be at risk.” The ESF plans to release two more supply chain-focused advisories focusing on software suppliers and customers.
Learn more on Bleepingcomputer.com