Automating NIST Secure Software Development Framework with DigiCert

This technical report outlines the capabilities of DigiCert Software Trust Manager in automating the NIST Secure Software Development Framework (SSDF) Version 1.1. The SSDF aims to reduce software vulnerabilities and their exploitation through fundamental practices for secure software development. The report details how DigiCert Software Trust Manager integrates various features to facilitate the implementation of these best practices without negatively impacting the software development lifecycle. Key functionalities include malware and vulnerability detection, software release management, and secure code signing. The document explains how the software trust manager simplifies the roles and responsibilities within the software development lifecycle, enhances security through multi-factor authentication, and maintains secure environments. It also discusses the importance of securely archiving software releases and verifying their integrity. Overall, the report emphasizes the role of DigiCert Software Trust Manager in enhancing software security and compliance with industry standards.