In October 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a white paper Software Identification Ecosystem Option Analysis. Following the release of that paper, the Department of Homeland Security (DHS), CISA’s parent organization, initiated a request for comment (RFC), which closed last week.

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Aaron Linskens. Read the original post at: https://blog.sonatype.com/openssf-responds-to-cisa-advocates-for-a-multifaceted-approach-to-software-identification