CISA has opened a 30-day Federal Register notice to receive public comments on the draft Secure Software Development Certification Form. CISA developed this form in coordination with the Office of Management and Budget.
With the Secure Software Development Attestation Form, federal departments and agencies will be able to obtain attestation of product security from a software manufacturer before the software is used on government systems. This form will establish a standardized process for the federal government and software manufacturers that will create transparency about the security of software development efforts.
All interested parties are encouraged to review the form and submit input through the Federal Register. Comments are accepted until December 18, 2023.