Software group BSA updates security framework, mapped to NIST’s latest work

A revised, industry-crafted framework for software security offers more guidance on addressing supply-chain threats and maps to NIST’s recent work on the topic, according to Tommy Ross of BSA -- The Software Alliance, who said the tool is increasingly important as risks grow and government policymakers reach for solutions that could include regulation.

“There has been a steady uptick in threats to the software supply chain, which has increased the focus on securing the development environment,” Ross, BSA’s senior director...