CISA seeks stakeholder feedback on secure by design principles for software manufacturers

The Cybersecurity and Infrastructure Security Agency is asking for input on next steps for its secure by design principles in a request for information that contains questions on how to secure the software development lifecycle and measure the impact of implementing identified best practices.

CISA released the first version of the secure by design principles in April, followed by an October update with more specific guidance for software manufacturers in terms of “manufacturer and customer size, customer maturity,...