The CISA Secure Software Development Attestation Form sets cybersecurity standards for US Federal agency software purchases. Learn how Sonatype helps you comply with SSDF guidelines.
New policy grandfathering feature lets you automate open source governance at your own pace by "grandfathering" non-critical policy violations for existing.