#SSDF
LightNews LightNews
anchore.com
"It's starting to feel like 2025 is going to be the year of IT compliance"

@josh.bressers.name on why CRA, PLD, DORA, and SSDF updates mean we need CompOps—treating compliance like a DevOps problem, not a security victory lap:

https://anchore.com/blog/compliance-isnt-an-annual-ritual-anymore/
October 31, 2025 at 12:55 AM
saintluciagov.bsky.social
SSDF Uplifting People Transforming Communities (Ocober 20th, 2025)

youtu.be/rEIslVKoWBY
SSDF Uplifting People Transforming Communities (Ocober 20th, 2025)
YouTube video by Saint Lucia Government
youtu.be
October 30, 2025 at 9:39 AM
saintluciagov.bsky.social
The Elderly Affairs Unit within the Ministry of Health, Wellness and Elderly Affairs in collaboration with the Saint Lucia Social Development Fund (SSDF) observed the International Day of Older Persons.

www.youtube.com/watch?v=1Fgj...
Activity for International Day of Older Persons
YouTube video by Saint Lucia Government
www.youtube.com
October 21, 2025 at 9:33 PM
en.afp.com
🇻🇦 Pope Leo XIV has held his first meeting with a group of survivors of sexual abuse by priests, with one participant describing it as a "free-flowing" discussion about what the Church should do.
➡️ u.afp.com/SsdF
Pope Leo XIV gives an audience to pilgrims at the Paul VI Hall in the Vatican, on October 20, 2025
October 20, 2025 at 3:35 PM
ravirockks.bsky.social
Oh, and Ms Easterly doesn't address criticism of the self-attestation form developed by her own agency for lacking key components of NIST SSDF. I wonder why.
archive.li/6ti68
archive.li
October 20, 2025 at 4:58 AM
theladyfromnowhere.bsky.social
Cevizli mi fıstıklı mı? onu bi öğreneyim ona göre sövücem ssdf
October 13, 2025 at 12:55 PM
freeluigisu.bsky.social
kolovyoyo bonkodo ssdf
October 10, 2025 at 8:02 AM
tracyragan.bsky.social
The Secure Software Development Framework (#SSDF) is an important guideline, but how do you achieve the tasks? Join me as I introduce the CICD Cybersecurity Reference Guide, which identifies open-source tools to add to your #DevSecOps pipeline Register at https://bit.ly/4lJ61hC
DevOps Experience 2025
Now in its 10th year, DevOps Experience returns on September 25, 2025, to celebrate a decade of transformation, innovation, and community. This year’s theme, “DevOps Goes Native,” highlights DevOps’ essential role in the rise of Cloud Native, NativeDev, AI NativeDev, and platform engineering—marking both a return to DevOps’ foundational principles and a look forward to its next evolution. As DevOps becomes truly native to the application development and deployment lifecycle, this event explores how the discipline has matured. While tools, practices, and priorities have evolved, DevOps remains the bedrock of modern AppDev and AppSec efforts. Today, DevOps is not a siloed practice—it is organic, embedded, and essential to every phase of delivering secure, reliable, and scalable software. Join us for a day of inspiring keynotes, in-depth technical sessions, and real-world case studies from leading voices across the DevOps community. Learn from AI NativeDev pioneers, Cloud Native practitioners, DevSecOps innovators, and...
bit.ly
September 22, 2025 at 8:31 PM
tracyragan.bsky.social
The Secure Software Development Framework (#SSDF) is an important guideline, but how do you achieve the tasks? Join me as I introduce the CICD Cybersecurity Reference Guide, which identifies open-source tools to add to your #DevSecOps pipeline Register at https://bit.ly/4lJ61hC
DevOps Experience 2025
Now in its 10th year, DevOps Experience returns on September 25, 2025, to celebrate a decade of transformation, innovation, and community. This year’s theme, “DevOps Goes Native,” highlights DevOps’ essential role in the rise of Cloud Native, NativeDev, AI NativeDev, and platform engineering—marking both a return to DevOps’ foundational principles and a look forward to its next evolution. As DevOps becomes truly native to the application development and deployment lifecycle, this event explores how the discipline has matured. While tools, practices, and priorities have evolved, DevOps remains the bedrock of modern AppDev and AppSec efforts. Today, DevOps is not a siloed practice—it is organic, embedded, and essential to every phase of delivering secure, reliable, and scalable software. Join us for a day of inspiring keynotes, in-depth technical sessions, and real-world case studies from leading voices across the DevOps community. Learn from AI NativeDev pioneers, Cloud Native practitioners, DevSecOps innovators, and...
bit.ly
September 18, 2025 at 7:31 PM
tracyragan.bsky.social
The Secure Software Development Framework (#SSDF) is an important guideline, but how do you achieve the tasks? Join me as I introduce the CICD Cybersecurity Reference Guide, which identifies open-source tools to add to your #DevSecOps pipeline Register at https://bit.ly/4lJ61hC
DevOps Experience 2025
Now in its 10th year, DevOps Experience returns on September 25, 2025, to celebrate a decade of transformation, innovation, and community. This year’s theme, “DevOps Goes Native,” highlights DevOps’ essential role in the rise of Cloud Native, NativeDev, AI NativeDev, and platform engineering—marking both a return to DevOps’ foundational principles and a look forward to its next evolution. As DevOps becomes truly native to the application development and deployment lifecycle, this event explores how the discipline has matured. While tools, practices, and priorities have evolved, DevOps remains the bedrock of modern AppDev and AppSec efforts. Today, DevOps is not a siloed practice—it is organic, embedded, and essential to every phase of delivering secure, reliable, and scalable software. Join us for a day of inspiring keynotes, in-depth technical sessions, and real-world case studies from leading voices across the DevOps community. Learn from AI NativeDev pioneers, Cloud Native practitioners, DevSecOps innovators, and...
bit.ly
September 12, 2025 at 3:39 PM
anchore.com
Remember when software compliance was just a sternly worded letter you could ignore?

Now it's market access requirements with real teeth.

EU CRA ≠ suggestions
NIST SSDF ≠ recommendations
Medical device regs ≠ guidelines

New blog ... https://anchore.com/blog/navigating-the-new-compliance-frontier/
September 10, 2025 at 4:56 AM
tracyragan.bsky.social
The Secure Software Development Framework (#SSDF) is an important guideline, but how do you achieve the tasks? Join me as I introduce the CICD Cybersecurity Reference Guide, which identifies open-source tools to add to your #DevSecOps pipeline Register at https://bit.ly/4lJ61hC
DevOps Experience 2025
Now in its 10th year, DevOps Experience returns on September 25, 2025, to celebrate a decade of transformation, innovation, and community. This year’s theme, “DevOps Goes Native,” highlights DevOps’ essential role in the rise of Cloud Native, NativeDev, AI NativeDev, and platform engineering—marking both a return to DevOps’ foundational principles and a look forward to its next evolution. As DevOps becomes truly native to the application development and deployment lifecycle, this event explores how the discipline has matured. While tools, practices, and priorities have evolved, DevOps remains the bedrock of modern AppDev and AppSec efforts. Today, DevOps is not a siloed practice—it is organic, embedded, and essential to every phase of delivering secure, reliable, and scalable software. Join us for a day of inspiring keynotes, in-depth technical sessions, and real-world case studies from leading voices across the DevOps community. Learn from AI NativeDev pioneers, Cloud Native practitioners, DevSecOps innovators, and...
bit.ly
September 9, 2025 at 8:30 PM
tracyragan.bsky.social
The Secure Software Development Framework (#SSDF) is an important guideline, but how do you achieve the tasks? Join me as I introduce the CICD Cybersecurity Reference Guide, which identifies open-source tools to add to your #DevSecOps pipeline Register at https://bit.ly/4lJ61hC
DevOps Experience 2025
Now in its 10th year, DevOps Experience returns on September 25, 2025, to celebrate a decade of transformation, innovation, and community. This year’s theme, “DevOps Goes Native,” highlights DevOps’ essential role in the rise of Cloud Native, NativeDev, AI NativeDev, and platform engineering—marking both a return to DevOps’ foundational principles and a look forward to its next evolution. As DevOps becomes truly native to the application development and deployment lifecycle, this event explores how the discipline has matured. While tools, practices, and priorities have evolved, DevOps remains the bedrock of modern AppDev and AppSec efforts. Today, DevOps is not a siloed practice—it is organic, embedded, and essential to every phase of delivering secure, reliable, and scalable software. Join us for a day of inspiring keynotes, in-depth technical sessions, and real-world case studies from leading voices across the DevOps community. Learn from AI NativeDev pioneers, Cloud Native practitioners, DevSecOps innovators, and...
bit.ly
September 3, 2025 at 6:00 AM
puredrop.bsky.social
おそようございます(´ω`*)

うちの子もお邪魔します((*_ _))ペコリ

#突然ドール紹介

いつも上げてる子以外で。過去写真から。
SSDF の初期の子でオマケキャンペーンのサンプルヘッドの自作メイク子です(n*´ω`*n)

もうね、70cm細マッチョな体系が私的加点ポイントですね。
名前は特に付けていなかったのですが、
最近、我が家では「師尊(しずん)」呼びされてます(ΦωΦ)フフフ…
August 24, 2025 at 4:43 AM
betulaphylla.bsky.social
Şiirden devam ssdf kendi yazdığıma güldüm 😹

Roma mı orman mı kanunlar
Gözü doymak bilmez Karunlar
Dünya döner güneş döner
Diral dedenin düdüğü çalar
Gün gelir hesap döner
August 21, 2025 at 7:57 AM
anchore.com
FedRAMP v5 ✅
DISA STIG ✅
SSDF ✅
EO 14028 ✅
NIST 800-53 ✅
NIST 800-190 ✅

We speak federal fluency 🏛️

https://anchore.com/platform/enforce/

#FedRAMP #NIST #SoftwareSupplyChain #Compliance
August 20, 2025 at 2:04 AM
mkyutani.bsky.social
SSDFは、米国立標準技術研究所(NISTの「セキュア・ソフトウェア開発フレームワーク(SP800-218 Secure Software Development Framework (SSDF))」。
August 3, 2025 at 7:49 AM
mkyutani.bsky.social
サイバー・フィジカル・セキュリティ確保に向けたソフトウェア管理手法等検討タスクフォースの第16回では、経産省がSSDF活用促進と本年度調査・実証手法を提示し、NCSC・DSITの規範やG7 AI向けSBOM要件を整理。金融・ソフト製品分野でのツール活用効果を比較評価し、次年度のSSDF/SBOM for/by AI課題検討を提案した。
https://www.meti.go.jp/shingikai/mono_info_service/sangyo_cyber/wg_seido/wg_bunyaodan/software/016.html
August 3, 2025 at 7:45 AM
ravirockks.bsky.social
'While the SSDF provides a core set of high-level secure software development practices, it does not go into detail about how an organization might create a secure development environment that fits the organization’s objectives. SP 1800-44 will complement the SSDF by offering specific examples ...'
July 30, 2025 at 9:36 PM
ravirockks.bsky.social
'The Software Supply Chain and DevOps Security Practices Consortium is part of NIST’s response to [EO 14306] ... develop guidelines that demonstrate the implementation of best practices based on [NIST SSDF] ...
July 30, 2025 at 9:36 PM
newsen.bsky.social
Launch of Japanese Translation of the Secure Software Development Framework (SSDF)#Japan#Tokyo#Secure_Software#SSDF#Software_Association
Launch of Japanese Translation of the Secure Software Development Framework (SSDF)
The Software Association of Japan releases the Japanese version of NIST's SSDF to enhance secure software development practices across the country.
third-news.com
July 9, 2025 at 3:49 AM
tokyo-days.bsky.social
安全なソフトウェア開発のためのフレームワーク、日本語版が登場!#SSDF#ソフトウェア協会#日本語版

日本のソフトウェア協会が、安全なソフトウェア開発のためのフレームワークSSDFを日本語訳しました。業界全体でのセキュリティ意識向上を目指します。
安全なソフトウェア開発のためのフレームワーク、日本語版が登場!
日本のソフトウェア協会が、安全なソフトウェア開発のためのフレームワークSSDFを日本語訳しました。業界全体でのセキュリティ意識向上を目指します。
tokyo.publishing.3rd-in.co.jp
July 9, 2025 at 3:48 AM
new3rd.bsky.social
安全なソフトウェア開発を支援するSSDF日本語版が登場#東京都#港区#ソフトウェア協会#セキュア開発#SSDF

日本語版のセキュアソフトウェア開発フレームワーク(SSDF)が公開されました。これは多様なステークホルダーに向けたガイドラインです。
安全なソフトウェア開発を支援するSSDF日本語版が登場
日本語版のセキュアソフトウェア開発フレームワーク(SSDF)が公開されました。これは多様なステークホルダーに向けたガイドラインです。
news.3rd-in.co.jp
July 9, 2025 at 3:31 AM
finite-state.bsky.social
Compliance requirements piling up faster than you can track them?

Join Curtis Yanko & Ali Siddiqui on July 16 for a practitioner-led look at aligning your #ProductSecurity program with global standards like NIST SSDF, CRA, & more. Save your seat 👉 t.co/Fcnc2ZTOvT

#SPDL t.co/dGBcrIRj1q
June 26, 2025 at 3:35 PM
fablecorp.bsky.social
I tell my Libertarian friend's, "Ok, you want anarchy. I'm coming over to take all your stuff. What are you going to do?"
Them: "I have a gun."
Me: "Thanks for letting me know you have something valuable! I'm a vet with combat experience, trained with SSDF, I like my odds."
They never respond.
June 22, 2025 at 8:23 PM