Inside Cybersecurity

May 13, 2021

Daily News

NTIA software supply chain initiative exploring how to address most critical vulnerabilities

By Sara Friedman / May 3, 2021

Two working groups in a software transparency effort convened by the Commerce Department are doing research on how to identify and address the top-priority vulnerabilities throughout a software supply chain.

The project is called Vulnerability Exploitability eXchange (VEX) and the groups are exploring how to map out a vulnerability up and down supply chain tiers and to determine what is most important. The framing working group in the National Telecommunications Information Administration’s Software Bill of Materials initiative is leading the...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.