Software developers play a critical role in protecting the cyber landscape, creating secure programs, and reducing cybersecurity risk. However, with development and security teams siloed across organizations, software security has become a challenge for developers.
In response to this challenge, federal agencies including the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released a report titled Securing the Software Supply Chain for Developers. The guidance, created via the public-private working group Enduring Security Framework (ESF), aims to educate developers on best practices for cybersecurity in code.