Industry group tackles software supply chain attacks

By Phil Muncaster on Jul 22, 2009 8:34AM
Add techpartner.news As Your Trusted Source
Industry group tackles software supply chain attacks

Not-for-profit organisation the Software Assurance Forum for Excellence in Code (SafeCode) today announced a new industry-led resource designed to help suppliers prevent software being deliberately compromised during sourcing, development or distribution.

The Software Supply Chain Integrity Framework (PDF) was jointly developed by SafeCode members, including SAP, EMC, Symantec, Microsoft, Nokia and Juniper Networks.

SafeCode said that the framework is designed to address so-called supply chain attacks, in which malicious code is intentionally inserted into software during its development or maintenance.

Secure code development is only one element of software assurance, however, and the software creation and delivery processes must also include integrity controls to enable vendors to deliver uncompromised products, according to SafeCode.

"While SafeCode members have individually implemented software integrity practices, this is the first time that the industry has come together to establish a common framework for ensuring the integrity of software through the global supply chain," said Paul Kurtz, executive director of SafeCode.

"This framework will serve as the foundation for subsequent work aimed at identifying and analysing software integrity best practices, and represents a critical step forward in the industry's efforts to advance software assurance."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk

Add techpartner.news as your trusted source

Add techpartner.news As Your Trusted Source
Tags:
chain framework integrity safecode software supply technology

Partner Content

Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central
Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central
AI PCs shift from hype to revenue opportunity for partners
AI PCs shift from hype to revenue opportunity for partners
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
Expanding Opportunities for Microsoft Partners with Dicker Data’s Solution ConX Marketplace
Expanding Opportunities for Microsoft Partners with Dicker Data’s Solution ConX Marketplace
Have ticket queues become your quiet business risk?
Have ticket queues become your quiet business risk?

Sponsored Whitepapers

SMB Profitability: Paths to profit for SMB sized MSPs
SMB Profitability: Paths to profit for SMB sized MSPs
Transform how you provision and deliver security and backup—on one platform
Transform how you provision and deliver security and backup—on one platform
Protect the data your business relies on
Protect the data your business relies on
1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it
Cut through the SASE confusion
Cut through the SASE confusion

Events

MSP Masterclass 2026
MSP Masterclass 2026
techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Winter Ball featuring the 2026 Impact Awards
techpartner.news Winter Ball featuring the 2026 Impact Awards
Integrate 2026
Integrate 2026
Security Exhibition & Conference
Security Exhibition & Conference

Most read articles

Bluechip Infotech enters final stage of Goodson Imports acquisition

Bluechip Infotech enters final stage of Goodson Imports acquisition
Why Kat McCrabb started with the hard stuff

Why Kat McCrabb started with the hard stuff
SentinelOne signs distribution agreement with Sektor

SentinelOne signs distribution agreement with Sektor
Rapid7’s new SIEM combines exposure management with threat detection

Rapid7’s new SIEM combines exposure management with threat detection

Log in

Email:
Password:
  |  Forgot your password?