How the NIST Secure Software Development Framework impacts open source software

Over the last two years, the U.S. government has been extremely active developing strategies and policies with the intent of improving cybersecurity for our government and for our nation’s citizens and businesses.

At Tidelift, we’ve focused on helping organizations that use open source to build applications understand how these new initiatives will impact their work (you can get caught up on our coverage at our government open source cybersecurity resource center).

Here’s a quick summary:

May 2021: the White House issued Executive Order 14028 on improving our nation’s cybersecurity, which set in motion many of the efforts that followed.
February 2022: as directed by the Executive Order, the National Institute of Standards and Technology (NIST) published NIST Secure Software Development Framework (SSDF), SP 800-218 and the NIST Software Supply Chain Security Guidance.

In this webinar Lauren Hanford, Tidelift VP of product, and Kanish Sharma discussed the NIST Secure Software Development Framework and shared ways organizations can actually follow its guidance, specifically highlighting considerations for the open source software on which all modern software is built.

RSVP: How to reduce your organization's reliance on "bad" open source packages

ON-DEMAND webinar

How the NIST Secure Software Development Framework impacts open source software

Fill out the form below to watch this webinar:

Over the last two years, the U.S. government has been extremely active developing strategies and policies with the intent of improving cybersecurity for our government and for our nation’s citizens and businesses.