CISA targets software identification in push to boost supply chain security
Cybersecurity Dive October 27, 2023
The plan is part of a wider effort to boost software security using vulnerability management and SBOMs.
The Cybersecurity and Infrastructure Security Agency on Thursday issued a request for comment on how to create a more harmonized system of software identification as part of a larger effort to make the software supply chain more secure.
Since President Joe Biden issued an executive order on improving cybersecurity in 2021, CISA and other federal agencies have been working to prioritize software security by improving vulnerability management and the use of software bill of materials (SBOMs).
The request for comment is designed to establish some uniform parameters to track critical information required to improve software security. Information on known vulnerabilities, what...