no more vulnerabilities2022-08-23
So last week the U.S. House of Representatives passed the National Defense Authorization Act for Fiscal Year 2023 which might become the law if it gets Senate approval and is signed into law by President Joe Biden.
This bill is a well intentioned effort to improve the overall standard of the software supply chain in use by the Department of Homeland Security. It requires the submission of a Software Bill of Materials for certification for any software product without any known open vulnerabilities or defects. Currently the NIST NVD and CISA registered databases will be referenced for validation.
I am not sure how succesful this will be as .gov usually prescribe the
what and leave the
how for everyone else to figure out.