<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">


Tidelift advisory: Final CISA Secure Software Development Attestation Form released

On Monday March 11, CISA and the Office of Management and Budget (OMB) released the final version of the Secure Software Development Attestation Form ...
Donald Fischer
by Donald Fischer
on March 12, 2024

Donald Fischer

Donald Fischer

Recent Posts

Why Tidelift joined FINOS

By Donald Fischer on March 7, 2024
Today, I’m excited to share that Tidelift has officially joined FINOS, the Fintech Open Source Foundation.

Software liability changes are coming. Are you ready?

By Donald Fischer on March 6, 2024
This week, CyberScoop reported on new developments in U.S. software cybersecurity liability:

New White House ONCD report highlights importance of proactive approach to software security

By Donald Fischer on February 26, 2024
This morning, the U.S. White House Office of the National Cyber Director (ONCD) released a new report entitled Back to the Building Blocks: A Path ...

CISA announces the Open Source Software Security Roadmap

By Donald Fischer on September 13, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) just released the Open Source Software Security Roadmap, the latest step in the U.S. ...

Tidelift advisory: How the National Cybersecurity Strategy Implementation Plan impacts open source

By Donald Fischer on July 13, 2023
This week, the White House unveiled its implementation plan for the strategies outlined in the National Cybersecurity Strategy that was originally ...

Tidelift advisory: OMB Memo M-23-16 clarifies U.S. government secure software development attestation requirements and deadlines, including for open source

By Donald Fischer on June 10, 2023
On June 9, 2023, the U.S. government Office of Management and Budget released memorandum M-23-16 as an update to the guidance for enhancing the ...

Tidelift advisory: Securing Open Source Software Act advances in U.S. Senate

By Donald Fischer on March 30, 2023
Yesterday, the U.S. Senate Committee on Homeland Security and Governmental Affairs voted to advance bipartisan legislation to help strengthen the ...

Tidelift advisory: Impact of new U.S. National Cybersecurity Strategy on organizations building apps with open source software

By Donald Fischer on March 2, 2023
Today, the U.S. government issued the long anticipated 2023 National Cybersecurity Strategy. This is the next step in a series of recent actions ...

Tidelift advisory | “Text4Shell” Apache Commons Text vulnerability: what you need to know and do

By Donald Fischer on October 19, 2022
In this advisory, we will address the core facts regarding the recently disclosed security vulnerability in the Apache Commons Text project, which ...

Don't miss the latest from Tidelift

Filter by Topic