The following resources may be useful to users and adopters of this standard.
OWASP Packman
OWASP Software Assurance Maturity Model (SAMM)
Open Source Security Foundation: Threats, Risks, and Mitigations in the Open Source Ecosystem
InnerSource
Cybersecurity Maturity Model Certification (CMMC)
NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
NIST 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations
NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
NTIA Documents on Software Bill of Materials
Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk
Guide on Cybersecurity Procurement Language in Task Order Requests for Proposals for Federal Facilities
Energy Sector Control Systems Working Group (ESCSWG)
CycloneDX
SPDX
SPDX XML
ISO/IEC 19770-2:2015 (SWID)