U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Secure Software Development Framework

Secure Software Development Framework SSDF

News and Updates

SSDF v1.1: Draft SP 800-218 Available for Comment
September 30, 2021
Draft NIST Special Publication (SP) 800-218, "Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities," is open for comment through Nov. 5, 2021.
SSDF: Mitigating Risk of Software Vulnerabilities
April 23, 2020
NIST has published "Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)," a new NIST Cybersecurity White Paper.
Draft White Paper on SSDF
June 11, 2019
A draft white paper, "Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)," is available for public comment until August 5, 2019.

Additional Pages

References

Contacts

SSDF Inquiries
ssdf@nist.gov

Topics

Security and Privacy: systems security engineering, vulnerability management

Technologies: software & firmware

Laws and Regulations: Executive Order 14028

Created February 25, 2021, Updated November 10, 2021