CSOonline

NIST provides solid guidance on software supply chain security in DevSecOps

Key recommendations from the NIST’s latest guidance and why they are relevant to modern organizations developing and delivering software. Software supply chain (SSC) attacks continue to be one of the ...
JD Supra

Could Careless Coders Face False Claims Liability?

Software producers at all levels in the federal supply chain should prepare to attest that their software development practices comply with National Institute of Standards and Technology (NIST) ...
Government Executive

A Powerful Ally in Meeting NIST SSDF Code Security Requirements

Download Sonar’s concise guide from NIST for actionable practices to build secure software, meet regulatory requirements and reduce software vulnerabilities—essential reading for any development team ...