The American National Standards Institute (ANSI) encourages its members and relevant U.S. stakeholders to respond to the National Institute of Standards and Technology's (NIST) call for comments on a draft white paper, Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF).
Intended to facilitate communications about secure software development practices amongst business owners, software developers, and cybersecurity professionals within an organization, the white paper recommends a core set of high-level secure software development practices, called a secure software development framework, to be added to each software development life cycle implementation. The practices are intended to help software producers reduce the number of vulnerabilities in released software and mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, while addressing the root causes to prevent future recurrences.
Questions and comments should be sent to [email protected] by the deadline of August 5. 2019.