NIST publishes guide on incorporating software security principles into cloud application development process

The National Institute of Standards and Technology has published guidance on how to ensure the security of the cloud application software supply chain by applying strategies based on the NIST Secure Software Development Framework.

The latest publication “presents strategies for integrating [software supply chain] security” into the “flow processes” that typically make up the cloud application development lifecycle, as well as mapping these strategies into the SSDF. It was published on Monday.

Cloud-native applications are “generally developed through an...