Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

White Paper (Draft)

Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)

Date Published: June 11, 2019
Comments Due: August 5, 2019 (public comment period is CLOSED)
Email Questions to: ssdf@nist.gov

Author(s)

Donna Dodson (NIST), Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Keywords

secure software development; secure software development framework (SSDF); secure software development practices; software acquisition; software development; software development life cycle (SDLC); software security
Control Families

Access Control; Awareness and Training; Contingency Planning; Program Management; Personnel Security; System and Information Integrity

Documentation

Publication:
SSDF Draft

Supplemental Material:
None available

Document History:
06/11/19: White Paper (Draft)
04/23/20: White Paper (Final)