NIST NCCoE Secure Software DevSecOps Practices Publication & Virtual Event

#1695135: NIST NCCoE Secure Software DevSecOps Practices Publication & Virtual Event

Description:	The NIST NCCoE is excited to announce the release of the preliminary draft Volume A of NIST Special Publication (SP) 1800-44, Secure Software Development, Security, and Operations (DevSecOps) Practices, to provide a high-level overview of the guidelines NIST is developing to increase the security of software. In addition, we invite you to join us for a virtual event on August 27, 2025. Background The NCCoE is collaborating with 14 companies through the Software Supply Chain and DevOps Security Practices Consortium as part of NIST’s response to White House Executive Order (EO) 14306, Sustaining Select Efforts to Strengthen the Nation's Cybersecurity and Amending Executive Order 13694 and Executive Order 14144. As stipulated in the EO, NIST is directed to establish the consortium to develop guidelines that demonstrate the implementation of best practices based on NIST’s Secure Software Development Framework (SSDF). Draft Guidance for Public Comment The NCCoE has just released the preliminary public draft Volume A of Secure Software Development, Security, and Operations (DevSecOps) Practices (NIST Special Publication (SP) 1800-44) for public comment. The current version provides a high-level overview of the scope of the project; future guidelines will be released to include a detailed reference and specific implementation guidelines for each of the project’s planned use cases. The NCCoE welcomes public comments on the preliminary draft guidelines through September 12, 2025. The project team plans to release additional drafts of the guidelines incrementally throughout the project, accompanied by public comment periods. Those interested can also join the NCCoE DevSecOps Community of Interest (COI) to stay up to date and collaborate on the project. August Virtual Event Those interested in contributing to the development of the draft guidelines are encouraged to register for and attend our virtual event on August 27, 2025, from 1:00 PM - 3:30 PM EDT. The event will highlight the project’s goals, provide more insight into the project’s planned demonstrations, and include discussions about cybersecurity challenges and recommendations related to secure software development. Participants will be encouraged to provide feedback throughout the event to inform the project’s focus and outputs. Attendance is limited to 500 participants and is first-come, first-serve. There is no fee to attend. A post-event recording will be made available.
More info:	https://content.govdelivery.com/accounts/USNIST/bulletins/3eafa29

Description:

The NIST NCCoE is excited to announce the release of the preliminary draft Volume A of NIST Special Publication (SP) 1800-44, Secure Software Development, Security, and Operations (DevSecOps) Practices, to provide a high-level overview of the guidelines NIST is developing to increase the security of software. In addition, we invite you to join us for a virtual event on August 27, 2025.

Background

The NCCoE is collaborating with 14 companies through the Software Supply Chain and DevOps Security Practices Consortium as part of NIST’s response to White House Executive Order (EO) 14306, Sustaining Select Efforts to Strengthen the Nation's Cybersecurity and Amending Executive Order 13694 and Executive Order 14144. As stipulated in the EO, NIST is directed to establish the consortium to develop guidelines that demonstrate the implementation of best practices based on NIST’s Secure Software Development Framework (SSDF).

Draft Guidance for Public Comment

The NCCoE has just released the preliminary public draft Volume A of Secure Software Development, Security, and Operations (DevSecOps) Practices (NIST Special Publication (SP) 1800-44) for public comment. The current version provides a high-level overview of the scope of the project; future guidelines will be released to include a detailed reference and specific implementation guidelines for each of the project’s planned use cases.

The NCCoE welcomes public comments on the preliminary draft guidelines through September 12, 2025. The project team plans to release additional drafts of the guidelines incrementally throughout the project, accompanied by public comment periods. Those interested can also join the NCCoE DevSecOps Community of Interest (COI) to stay up to date and collaborate on the project.

August Virtual Event

Those interested in contributing to the development of the draft guidelines are encouraged to register for and attend our virtual event on August 27, 2025, from 1:00 PM - 3:30 PM EDT.

The event will highlight the project’s goals, provide more insight into the project’s planned demonstrations, and include discussions about cybersecurity challenges and recommendations related to secure software development. Participants will be encouraged to provide feedback throughout the event to inform the project’s focus and outputs.

Attendance is limited to 500 participants and is first-come, first-serve. There is no fee to attend. A post-event recording will be made available.

More info:

https://content.govdelivery.com/accounts/USNIST/bulletins/3eafa29

Date added	July 30, 2025, 8:39 p.m.
Source	Govdelivery
Subjects	DevOps / DevSecOps NIST / DISA / DoD (Dept of Defence) / NSA USA Guidelines and Checklists PodCasts / Webcast / Webinar / eSummit / Virtual Event etc.
Venue	Aug. 27, 2025, midnight - Aug. 27, 2025, midnight