Using SD Elements to Comply with US Executive Order 14028 Secure Software Development Recommendations

Few software development life cycle (SDLC) models explicitly address software security in detail. As a result, secure software development practices usually need to be added in. Approaches can vary widely across development teams, leading to confusing and inconsistent secure software development practices. To address this issue, in February 2022, NIST published the final version SP 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities. This framework provides a core set of high-level secure software development practices. Following these practices will help software producers reduce the number of vulnerabilities in released software, mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, and address the root causes of vulnerabilities to prevent future recurrences. Join us on March 24th at 1:00 p.m. EST to learn more about: How the Executive Order impacts both application security and software development teams Where you should be today, and where you need to get to by May 2022 How to efficiently demonstrate your compliance with key Secure Software Development Framework recommendations using SD Elements Speakers: Jay Ryan, U.S. Federal Government Program Manager, Security Compass Joseph Rowe, U.S. Federal Government Solution Engineer, Security Compass