All you need to know about NIST’s SSDF

Don’t be late to the game: With the new OMB memo issued in Sep 2022, the direction is clear

It’s now clear that the SSDF framework, which started as a recommendation, is slowly turning into a directive and will have a real impact on the ability to conduct business in the US (and globally). 

The direction is very clear with the new OMB memo issued in Sep 2022.

With this guide, you will gain a deeper understanding of why the SSDF can no longer be ignored.

This guide covers:

  • The growth in the software supply chain attacks
  • A breakdown of NIST’s SSDF and the four main areas it covers
  • A review of SSDF development and its quick transition from recommendation to a directive
  • The benefits of another supply chain security framework, SLSA
  • The building blocks required for successful software supply chain security
  • The use of continuous assurance and the tracking of every process across the SDLC

Download the guide to make sure you’re not too late to the game.

All Resources

Last Resources

From Trust to Evidence Based continuous compliance in SSC
Watch the recording of our Balck Hat 2024 panel, “From Trust to Evidence-Based Continuous Assurance: The Future of Security Governance and Compliance”. It sparked great…

Watch the Scribe Platform in Action

The CISA Attestation Form – A “How to” Guide From a CISO Who Did It
Navigating the requirements of CISA’s Secure Software Development-Attestation Form can be challenging, especially with impending deadlines (June 11th & September 11th). Watch this insightful webinar…

Get the Guide

To view the Guide, please complete the form

Guide cover