ANSI - American National Standards Institute
 Print this article  Previous Next 

NIST Requests Comments on Draft Paper to Adopt Secure Software Development Framework (SSDF)

Comment deadline: August 5, 2019

06/17/2019


The American National Standards Institute (ANSI) encourages its members and relevant U.S. stakeholders to respond to the National Institute of Standards and Technology's (NIST) call for comments on a draft white paper, Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF).

Intended to facilitate communications about secure software development practices amongst business owners, software developers, and cybersecurity professionals within an organization, the white paper recommends a core set of high-level secure software development practices, called a secure software development framework, to be added to each software development life cycle implementation. The practices are intended to help software producers reduce the number of vulnerabilities in released software and mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, while addressing the root causes to prevent future recurrences.

Questions and comments should be sent to ssdf@nist.gov by the deadline of August 5. 2019.

Keywords

comment    mitigating vulnerabilities    NIST    SDLC    software    SSDF   
ISO 50001:2011 is NOW AVAILABLE