To address stakeholder feedback and questions received since PCI DSS v4.0 was published in March 2022, the PCI Security Standards Council (PCI SSC) has published a limited revision to the standard, PCI DSS v4.0.1. It includes corrections to formatting and typographical errors and clarifies the focus and intent of some of the requirements and guidance. There are no additional or deleted requirements in this revision.| blog.pcisecuritystandards.org
As part of its new cybersecurity executive order, the U.S. federal government released the minimum required elements for a software bill of materials.| Dependency Heaven
A comprehensive overview of SBOMs (software bills of materials): their data fields, use cases, and formats, why they’re needed, and how to manage them.| fossa.com
Learn about VEX (Vulnerability Exploitability eXchange), which is used to communicate whether vulnerabilities impacting software products are actually exploitable.| Dependency Heaven
See important considerations and recommendations for requesting SBOMs (software bills of materials) from software suppliers.| Dependency Heaven
Explore the FDA's new SBOM requirements for medical devices, detailing the scope, structure, and support information needed for compliance.| fossa.com