CSOonline

NIST defines “critical software” with a broad range of security functions

The goal is to enable stronger security practices for government-purchased software mandated by President Biden's cybersecurity executive order. The EO stipulates that NIST’s definition “shall reflect ...
InfoWorld

What software supply chain security really means

In the beginning, we identified two major types of software supply chain attacks and nine minor types. The world keeps insisting on a broader definition. In the spring of 2020, it really mattered to ...