CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management (OMB), released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies to use this proposed form to reduce the risk to the federal environment, thereby implementing a standardized process for agencies and software producers that will create transparency on the security of software development efforts.
Visit CISA.gov/secure-software-attestation-form for more information and to review the document. The comment period is open until June 26, 2023. CISA is specifically requesting insight on the feasibility, clarity, and usefulness of the document. To submit a comment, click the comment box at the top of Regulations.gov.