> The collection of CISA Secure Software Attestation forms begin June 8, 2024
Small correction: this is the deadline for agencies to *have collected* attestations for critical software; not for attestation collection to begin. Isaac On Wed, May 8, 2024 at 11:36 AM Dick Brooks via lists.spdx.org <dick= [email protected]> wrote: > There will be lots of discussion regarding Vulnerability reporting, SBOM’s > and SBOM sharing with the US Government using the CISA RSAA portal. > > > > If you are interested in US Government SBOM work and selling products to > the US Government, then you should seriously consider attending this > conference: > > The collection of CISA Secure Software Attestation forms begin June 8, > 2024. > > > > > https://www.eventbrite.com/e/innovations-in-ict-supply-chain-risk-management-conference-registration-890982100447 > > > > I have successfully shared SPDX and CycloneDX SBOM’s with US Government > agencies using the CISA RSAA portal and will talk about this capability > during the conference. > > > > Thanks, > > > > Dick Brooks > > > > *Active Member of the CISA Critical Manufacturing Sector, * > > *Sector Coordinating Council – A Public-Private Partnership* > > > > *Never trust software, always verify and report! > <https://reliableenergyanalytics.com/products>* ™ > > http://www.reliableenergyanalytics.com > > Email: [email protected] > > Tel: +1 978-696-1788 <(978)%20696-1788> > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#5633): https://lists.spdx.org/g/Spdx-tech/message/5633 Mute This Topic: https://lists.spdx.org/mt/105986056/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
