Information and communications technology (ICT) is integral to the daily operations and functionality of U.S. critical infrastructure. The ICT supply chain is a complex, globally interconnected ecosystem that encompasses the entire life cycle of ICT hardware, software, and managed services and a wide range of entities including third-party vendors, suppliers, service providers, and contractors. If vulnerabilities within the supply chain are exploited, the consequences can affect all users ... | www.cisa.gov
This set of guidance, led by international cybersecurity authorities, is intended to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private network (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems. | Cybersecurity and Infrastructure Security Agency CISA
This guide provides information on the benefits of SBOM, common misconceptions and concerns, creation of an SBOM, distributing and sharing an SBOM, and role-specific guidance. The document also provides information on SBOM-related efforts, such as Vulnerability Exploitability eXchange (VEX), OpenC2, and digital bill of materials (DBOM). | Cybersecurity and Infrastructure Security Agency CISA