The following resources may be useful to users and adopters of this standard.
OWASP Packman
OWASP Software Assurance Maturity Model (SAMM)
Open Source Security Foundation: Threats, Risks, and Mitigations in the Open Source Ecosystem
InnerSource
Cybersecurity Maturity Model Certification (CMMC)
NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
NIST 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations
NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
NTIA Documents on Software Bill of Materials
Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk
Guide on Cybersecurity Procurement Language in Task Order Requests for Proposals for Federal Facilities
Energy Sector Control Systems Working Group (ESCSWG)
CycloneDX
SPDX
SPDX XML
ISO/IEC 19770-2:2015 (SWID)