A new White House memo on software supply chain security goes some way to addressing tech industry concerns about the use of third-party cybersecurity assessors.

The agencies have worked with industry to develop a set of recommendations that includes more in-depth source code reviews.

Many in government and industry want software bills of materials to be the development compliance standard.

Contractors have called for the software bill of materials to become a universal standard for secure development compliance.

OMB has submitted two proposals for updating contract language to the FAR Council.

Practical deadlines for vendors and a concrete process for using the information SBOMs contain at agencies are needed, security experts say.

Tech industry leaders call for greater consistency in the checks and controls required by different federal agencies.

Companies want clarification from government over what specific artifacts and metadata it wants to assess.