Email this Article Email   

CHIPS Articles: Mitigate the Risk of Software Vulnerabilities: Adopt a Secure Software Development Framework

Mitigate the Risk of Software Vulnerabilities: Adopt a Secure Software Development Framework
By CHIPS Magazine - June 12, 2019
The National Institute of Standards and Technology released a Draft Cybersecurity White Paper for public comment that facilitates communications about secure software development practices among business owners, software developers, and cybersecurity professionals within an organization.

The paper, Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework, recommends a core set of high-level secure software development practices, called a secure software development framework (SSDF), to be added to each software development life cycle (SDLC) implementation, NIST said in a statement.

Following these practices should help software producers reduce the number of vulnerabilities in released software, mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, and address the root causes of vulnerabilities to prevent future recurrences. Software consumers can reuse and adapt the practices in their software acquisition processes, NIST recommended.

Publication: SSDF Draft

The public comment period ends August 5, 2019. See the publication details link for a copy of the document and instructions for submitting comments. Email comments to ssdf@nist.gov

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer