Industry leaders unite to design integrated solutions to improve software supply chain security Under NISTโs Secure Software Development Framework
DigiCert, a leading global provider of digital trust, announced its participation in the National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) project focused on Secure Software Development, Security, and Operations (DevSecOps) Practices. DigiCert joins 13 other technology collaborators, including Google, Microsoft, IBM, Palo Alto Networks, CyberArk, Dell Technologies, and GitLab, to help design and demonstrate integrated solutions that improve security across the software supply chain.
As software supply chain attacks continue to rise, organizations need trusted, proven ways to harden their development environments. This project, sponsored by the U.S. Federal government, provides an independent evaluation of how to integrate leading technologies in a way that enhances software integrity and operational security, without favoring any particular vendor.
Read More on CIO Influence:ย The Road to AI-Native Wireless: Why Traditional RAN Must Evolve
โSecure software development too often relies on fragmented tools that donโt integrate well or scale across the software lifecycle,โ saidย Timย Hollebeek,ย Vice President of Industry Standards atย DigiCert. โThis project helps demonstrate how trusted technologies can work together to create a more cohesive, risk-based approach to DevSecOps, aligning with NISTโs guidance while offering practical solutions to the market.โ
The NCCoE’s collaborative approach marks the first time these specific technologies have been brought together to form a comprehensive solution for secure software development, operations, and monitoring. The project stands out for its focus on applied, real-world implementations, going beyond theory to show how to achieve security and compliance goals using current tools and practices.
The public is encouraged to review and comment on the NIST SP 1800-44 Draft, now available online. Stakeholders are also invited to participate in an upcomingย virtual event hosted by NIST on August 27, where project collaborators will discuss insights, implementation guidance, and community engagement opportunities.
Catch more CIO Insights: What is Shadow IT and why does it matter for enterprise security?
[To share your insights with us, please write to psen@itechseries.com ]
