All you need to know about NIST’s SSDF

Don’t be late to the game: With the new OMB memo issued in Sep 2022, the direction is clear

It’s now clear that the SSDF, which started as a recommendation, is slowly turning into a directive and will have a real impact on the ability to conduct business in the US (and globally).

The direction is very clear with the new OMB memo issued in Sep 2022.

With this guide, you will gain a deeper understanding of why the SSDF can no longer be ignored.

This guide covers:

  • The growth in software supply chain attacks
  • A breakdown of NIST’s SSDF and the four main areas it covers
  • A review of SSDF development and its quick transition from a recommendation to a directive
  • The benefits of another supply chain security framework, SLSA
  • The building blocks required for successful software supply chain security
  • The use of continuous assurance and the tracking of every process across the SDLC

Download the guide to make sure you’re not too late to the game.
