Enduring Security Framework (ESF)

December 7, 2022

New supply chain mandates: Uncle Sam wants you (to secure your software)!

Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.

September 19, 2022

White House memo calls for software supply chain security, takes a step closer to mandating SBOMs

The new memorandum calls on firms selling software to the federal government to attest to its conformity with NIST security standards. Here's what you need to know.

September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.

