All you need to know about NIST’s SSDF

Don’t be late to the game: With the new OMB memo issued in Sep 2022, the direction is clear

It’s now clear that the SSDF framework, which started as a recommendation, is slowly turning into a directive and will have a real impact on the ability to conduct business in the US (and globally). 

The direction is very clear with the new OMB memo issued in Sep 2022.

With this guide, you will gain a deeper understanding of why the SSDF can no longer be ignored.

This guide covers:

  • The growth in the software supply chain attacks
  • A breakdown of NIST’s SSDF and the four main areas it covers
  • A review of SSDF development and its quick transition from recommendation to a directive
  • The benefits of another supply chain security framework, SLSA
  • The building blocks required for successful software supply chain security
  • The use of continuous assurance and the tracking of every process across the SDLC

Download the guide to make sure you’re not too late to the game.

All Resources

Last Resources

CI/CD pipelines are notoriously opaque as to what exactly takes place inside. Yes, you do write the list of instructions but how sure are you…
SCM (Source Control Management) security is of high importance as it serves as an entry point to the whole CI/CD pipeline. This repository contains policies…
You have probably heard about the SBOM – Software Bill Of Materials, and you might have even heard that it’s important and useful for security…