DéC 18, 2024 | US
BSA Encourages Alignment of CISA Bad Practices Guide With Other Software Security Efforts
Inside Cybersecurity
By Jacob Livesay
The Cybersecurity and Infrastructure Security Agency should take steps to align its product security bad practices guidance with other federal software policy initiatives including the self-attestation form and National Institute of Standards and Technology guidance, according to BSA | The Software Alliance.
“The document includes resources, but it remains unclear how the authoring organizations understand the practices in the document within the context of the National Institute of Standards and Technology (NIST) Secure Software Development Framework, or the Secure Software Attestation Form,” BSA says in a filing submitted to CISA on Monday.
CISA on Oct. 16 published guidance with the FBI on “risky” practices that tech manufacturers should avoid in the development process, with a particular focus on securing products used in critical infrastructure or national critical functions. The comment period closed on Dec. 16.
Original Posting: https://insidecybersecurity.com/daily-news/bsa-seeks-details-alignment-cisa-bad-practices-guide-other-software-security-efforts
À PROPOS DE BSA
Le Business Software Alliance (www.bsa.org) est le principal organisme de défense et de promotion de l’industrie du logiciel auprès des administrations gouvernementales et sur le marché international. Ses membres comptent parmi les entreprises les plus innovantes au monde, à l’origine de solutions logicielles qui stimulent l’économie et améliorent la vie moderne.