SolarWinds Announces Its Next-Generation Build System Aligns with NIST Secure Software Developme…>
– wallstreet-online.de
The SolarWinds Next-Generation Build System consistently meets or exceeds the proposed standards of the NIST Secure Software Development Framework by: Conducting software builds in parallel by utilizing three isolated and distinct build environments, where each build step is signed and verified before going through a secure validation environment built to perform a variety of scans and security checks to validate the product before release Advancing beyond zero trust by adopting and implementing an assume breach position to eliminate implicit trust in applications and services Utilizing ephemeral operations in the software development process to eliminate dependencies and remove the opportunity for malicious threat actors to establish a âhome baseâ in systems Deploying automated tools designed to run on a recurring basis to scan for vulnerabilities throughout the development process, including through open-source software vulnerability checks, static code analysis, and dynamic application security testing Generating a software bill of materials (SBOMs), which provides a comprehensive picture of all the components, libraries, tools, and processes used in the build process Following responsible disclosure protocols for verified and validated vulnerabilities President Biden signed Executive Order 14028 in May 2021 with the aim of implementing stronger cybersecurity standards in the Federal Government and improving the software supply chain.
Link: https://www.wallstreet-online.de/nachricht/17145833-solarwinds-announces-its-next-generation-build-system-aligns-with-nist-secure-software-development-framework