US Gov Issues Software Supply Chain Security Guidance for Customers

From securityweek.com

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) this week released the last part of a three-part joint guidance on securing the software supply chain.

The guidance was created by the Enduring Security Framework (ESF), a cross-sector working group focused on mitigating risks to critical infrastructure and national security, and provides recommendations on software supply chain security best practices to developers, suppliers, and organizations.

Read more…