Adopting SSDF: US Government Best Practices for Securing Your Software Supply Chain
July 22, 2024
As governments fight back against software supply chain threats, software providers are facing increased pressure to either comply with new rules or lose significant revenue. One example is the new U.S. attestation form, which requires vendors to self-attest by Sept 11, 2024 to following secure development practices in order to do business with federal agencies. Is your organization prepared?
Unfortunately, many are not. While the U.S. has endorsed guidelines in the form of the Secure Software Development Framework (SSDF), organizations struggle with the perceived overhead of implementing best practices and prioritizing security over code delivery.
In this webinar, we’ll discuss how you can bridge the gap between theory and practice so that you can achieve government mandates while ensuring your open source supply chain is secure for all customers without burdening your development team.
Key Takeaways:
- Government mandates for secure software development practices
- How to secure open source in your software supply chain
- Adopting SSDF practices more easily with automation
- How to meet attestation requirements (Software Bill of Materials, Provenance Attestations, isolated environments, etc.)
- Reducing Mean Time to Remediation (MTTR) with increased open source observability
Watch and gain actionable advice for achieving secure software development practices!
.webp)
.jpeg)
.jpeg)