This is a potential security issue, you are being redirected to https://csrc.nist.gov.
The NIST NCCoE has launched a new project, Software Supply Chain and DevOps Security Practices. In early 2023, the project team will be publishing a Federal Register Notice based on the final project description to solicit collaborators to work with the NCCoE on the project. NIST held a virtual workshop in January 2021 on improving the security of DevOps practices; you can access the workshop recording and materials here. A second virtual workshop was held in September 2022 on the planned NCCoE DevSecOps project; the workshop recording and presentations are posted.
NIST will leverage existing guidance, practices, and recommendations that may be applicable to DevSecOps. They have been and are being developed by NIST and other US government (USG) agencies, standards development organizations (SDOs), industry, and academia. NIST will also develop mappings to existing informative references to ensure the relationships among frameworks, guidance, practices, and recommendations are clear.
Potential work that can be leveraged includes:
NIST Technology Projects
NIST Technology Guidelines
Government, Industry, and Academia Guidance and Practices