All you need to know about NIST’s SSDF

Don’t be late to the game: With the new OMB memo issued in Sep 2022, the direction is clear

It’s now clear that the SSDF framework, which started as a recommendation, is slowly turning into a directive and will have a real impact on the ability to conduct business in the US (and globally). 

The direction is very clear with the new OMB memo issued in Sep 2022.

With this guide, you will gain a deeper understanding of why the SSDF can no longer be ignored.

This guide covers:

  • The growth in the software supply chain attacks
  • A breakdown of NIST’s SSDF and the four main areas it covers
  • A review of SSDF development and its quick transition from recommendation to a directive
  • The benefits of another supply chain security framework, SLSA
  • The building blocks required for successful software supply chain security
  • The use of continuous assurance and the tracking of every process across the SDLC

Download the guide to make sure you’re not too late to the game.

All Resources

Last Resources

Creating an unbreakable chain of custody within CI CD pipelines
CI/CD pipelines are notoriously opaque as to what exactly takes place inside. Yes, you do write the list of instructions but how sure are you…

Hands-on Introduction to GitGat
SCM (Source Control Management) security is of high importance as it serves as an entry point to the whole CI/CD pipeline. This repository contains policies…

Maximizing SBOMs – Discover Top 5 Use Cases for Improving Software Security
You have probably heard about the SBOM – Software Bill Of Materials, and you might have even heard that it’s important and useful for security…

Get the Guide

To view the Guide, please complete the form

Guide cover