CISA has opened a 30-day Federal Register notice to receive public comment on the draft Secure Software Development Attestation Form. CISA developed this form in coordination with the Office of Management and Budget.
With the Secure Software Development Attestation Form, federal departments and agencies will be able to obtain attestation of product security from a software producer before using the software on government systems. This form will establish a standardized process for the federal government and software producers that will create transparency on the security of software development efforts.
All interested parties are encouraged to review the form and submit input through the Federal Register. Comments will be received through Dec. 18, 2023.