Created by the Enduring Security Framework (ESF), a cross-sector working group seeking to mitigate the risks threatening the critical infrastructure and national security, the guidance provides recommendations for developers, suppliers, and organizations.
In September, the three US agencies released the first part of the series, which included recommendations for developers looking to improve the software supply chain’s security.