The Inner Circle


NIST SP 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities.

  • 1.  NIST SP 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities.

    Posted Sep 30, 2021 02:06:00 PM
    Hi All,

    NIST just published for Comment | NIST's Secure Software Development Framework (SSDF) Version 1.1

    NIST is seeking comments by November 5, 2021, on a new draft document, NIST Special Publication (SP) 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities. NIST used inputs from the public and its June 2021 workshop to shape SSDF version 1.1 in support of NIST's responsibilities under Executive Order (EO) 14028.

    Draft SP 800-218 recommends a set of high-level secure software development practices called the SSDF that can be used for all software development. Following these practices helps software producers ensure that the software they develop is well secured. Draft SP 800-218 also maps EO 14028 clauses to the SSDF practices and tasks that help address each clause. Additionally, the SSDF provides a common secure software development vocabulary for software purchasers and consumers.



    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------


  • 2.  RE: NIST SP 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities.

    Posted Oct 03, 2021 01:22:00 AM
    Hi Michael Roza,
    The document has a good approach towards security and secure development, but since people / organizations can reach a variety of material in just one click, and on almost every site they get the same input, with a little more or less information, for the same product, what I was thinking of, and am also working on, is to prepare an integrated security framework which helps organizations as one window. What is your say on this?

    ------------------------------
    Anwer Gillani
    Systems limited
    ------------------------------



  • 3.  RE: NIST SP 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities.
    Best Answer

    Posted Oct 03, 2021 01:58:00 AM

    Hi,

    Sounds like a great idea.

    I recommend you select a working group such as DevSecOps and present your ideas and work to get some in-depth input.

    Best regards,