White House Guidance Recommends SBOMs for Federal Agencies

  /     /     /  
Publicated : 23/11/2024   Category : security


White House Guidance Recommends SBOMs for Federal Agencies


New executive order stops short of mandating NISTs guidelines, but recommends SBOMs for federal agencies across government.



The Biden White House has released a new cybersecurity executive order outlining guidelines for software supply chain security, including the suggestion that federal agency CIOs start requiring documentation of secure development and software bills of materials (SBOMs).
In a memo sent to the heads of executive departments and agencies, the White House Office of Management and Budget outlines
supply chain cybersecurity best practices
established by the National Institute of Standards and Technology (NIST), which would recommend a full software inventory assessment, collecting statements from each outside software vendor that its products conform to the
NIST supply chain security framework
, and a requirement for SBOMs when purchasing new software.
As agencies develop requirements that include the use of new software, they must request confirmation that the software producer utilizes secure software development practices, the OMB memo said. This could be accomplished through specification of these requirements in the Request for Proposal (RFP) or other solicitation documents, but regardless of how the agency ensures compliance, the agency must ensure that the company implements and attests to the use of secure software development practices consistent with NIST Guidance, throughout the software development lifecycle. 

Last News

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
White House Guidance Recommends SBOMs for Federal Agencies