CSOonline

CISA’s AI SBOM guidance pushes software supply-chain oversight into new territory

The guidance gives CISOs a way to press vendors on AI transparency, but analysts say the hard part will be proving that disclosures match reality. The US Cybersecurity and Infrastructure Security ...
Nextgov

OMB reverses Biden-era software attestation order

A new executive branch memorandum instead allows agencies to lean on software bills of materials, or SBOMs, in lieu of a universal attestation framework. Software Development OMB Cyber Defense The ...
SD Times

From SBOM to AI BOM: Rethinking supply chain security for AI native software

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
The National Law Review

Software Bill of Materials Guidance for Government Contractors

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Healthcare IT News

CISA releases updated draft guidance for SBOM minimum elements

The Cybersecurity and Infrastructure Security Agency has released long-awaited updated guidance on the Minimum Elements for a Software Bill of Materials, and is accepting public comments through Oct.
Infosecurity-magazine.com

CISA Seeks Biden Era's SBOM Minimum Requirements Guideline Change

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a request for comment on an updated version of a government guideline listing the minimum elements required for a software ...
Developer Tech

Python targets phantom dependencies threat with SBOM proposal

A whitepaper from the Python Software Foundation’s (PSF) own Security Developer-in-Residence, Seth Larson, sounds the alarm on “phantom dependencies” and offers a solution with the PEP 770 proposal ...