Top
image credit: Unsplash

Health Agency CISO Looks to Increase Security in Software Transparency Requirements

October 15, 2021

Via: Nextgov

The Centers for Medicare and Medicaid Services’ plan to implement President Joe Biden’s executive order on software procurement will require more than the bare minimum from contractors.

The executive order will require agencies to obtain a software bill of materials—typically described as an ingredients list of the code libraries that make up a particular application—from vendors. But not all SBOM standards are created equal. Leading standards for their formulation include SWID (Software Identification), SPDX (Software Package Data Exchange), and Cyclone DX, and some only require basic licensing or version information.

Read More on Nextgov