Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

White Paper

Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)

Date Published: April 23, 2020

Author(s)

Donna Dodson (NIST), Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Keywords

secure software development; secure software development framework (SSDF); secure software development practices; software acquisition; software development; software development life cycle (SDLC); software security
Control Families

Access Control; Awareness and Training; Contingency Planning; Program Management; Personnel Security; System and Information Integrity

Documentation

Publication:
White Paper (DOI)

Supplemental Material:
Local Download (pdf)

Document History:
06/11/19: White Paper (Draft)
04/23/20: White Paper (Final)