Overview

The Secure Software Development Framework (SSDF) is a set of guidelines for secure software development. It was created by the National Institute of Standards and Technology (NIST) in response to President Biden's Executive Order on improving the nation's cybersecurity.

What does the SSDF do?

  • Helps organizations reduce the number of vulnerabilities in their software
  • Helps organizations protect their applications and systems
  • Helps organizations build user trust
  • Helps organizations comply with industry standards and regulatory requirements

How can organizations use the SSDF?

  • Integrate the SSDF into their existing software development practices
  • Use SSDF conventions to communicate secure software development requirements to third-party suppliers
  • Acquire software that meets the practices described in the SSDF

What are the benefits of the SSDF?

  • Helps organizations identify and mitigate vulnerabilities
  • Helps organizations protect against potential threats
  • Helps organizations enhance software quality
  • Helps organizations address the root causes of vulnerabilities to prevent future recurrences