Inside Cybersecurity

May 18, 2022

Daily News

NIST publishes final guidance addressing secure software taskings in cyber EO

By Sara Friedman / May 9, 2022

The National Institute of Standards and Technology has released software supply chain guidance addressing various aspects of its work completed over the past year to fulfill taskings from the 2021 cyber executive order.

The guidance provides details on EO-critical software, software verification, Software Bill of Materials, “enhanced vendor risk assessments,” open source controls and vulnerability management.

NIST originally published the guidance as an appendix in the draft update NIST Special Publication 800-161, and took the material out of the final...

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.