Federal officials issue supply chain cybersecurity guidance for software developers

CISA and federal partners have released guidance for software developers crafted by a public-private initiative known as the Enduring Security Framework, which aims to provide cybersecurity tools for “addressing high priority threats to the nation’s critical infrastructure.”

The highly anticipated guidance, “Securing the Software Supply Chain: Recommended Practices Guide for Developers,” was released Thursday by CISA, the National Security Agency and the Office of the Director of National Intelligence.

The guidance for developers will be followed by guides for...