Getting Started in Software Assurance (SwA)

Recognizing that your software environment and program’s software supply chain have weaknesses that attackers may exploit as operational vulnerabilities is a major step in securing your software supply chain. However, this step pales in comparison to the enormity of securing the entire supply chain for your software.

The key to improving your software assurance is to make incremental improvements in the security of the software in your supply chain. No single remedy will eliminate or mitigate all of the weaknesses in your software, or the risk. Several methods, tools, and culture changes will be required in concert to build a secure supply chain to cover the known-unknown weaknesses. There is no crystal ball or magic wand you can use to ensure your software is absolutely secure against the unknown-unknown weaknesses. However, you can take steps to reduce the risk and exposure of your software and users to new or existing software vulnerabilities.

This section of the CWE Web site introduces specific steps you can take to assess your individual software assurance situation and compose a tailored plan to strengthen your assurance of the integrity, reliability, and robustness of your software supply chain. Learn more by following the links below: