Software companies and industry leaders praised a White House decision to extend the deadline for agencies to begin collecting software security attestation forms from contractors, while calling for further clarity regarding the specific details that vendors will need to provide to the federal government.
Acquisition and Information Technology security officials previously raised concerns about the Office of Management and Budget guidance issued last year. The guidance required software vendors to attest to the security of their products for federal agency customers. However, some vendors said it lacked comprehensive information about the explicit criteria that should be included in their attestations.