The National Institute of Standards and Technology released a draft of best practices for the mitigation of software vulnerabilities. NIST said Tuesday that it recommends organizations using the agency's "secure software development framework" for the management of software development life cycles.
The framework proposes practices to prepare organizations, protect software, produce well-secured software and respond to vulnerability reports. Listed practices identify the tools, personnel and actions that NIST says are needed to mitigate software vulnerabilities. The full report and list of practices can be found here.
The agency also seeks public comments on the framework. Interested parties may submit responses through Aug. 5.