Carahsoft, in conjunction with its vendor partners, sponsors hundreds of events each year, ranging from webcasts and tradeshows to executive roundtables and technology forums.

Government Events and Resources

Events

CodeLock-Microsite-Logo.png
CodeLock

Secure Software Development Vendor Attestation Requirements


Event Date: July 10, 2024
Hosted By: CodeLock & Carahsoft

Registrants joined CodeLock for webinar to learn more about how Government software vendors struggle to comply with new secure software development attestation requirements, such as NIST 800-218 and Executive Order 14028. These mandates necessitate extensive documentation and stringent security controls. Vendors face an overwhelming administrative burden and risk losing contracts and reputational damage if they fail to comply.

CodeLock offers a solution by automating the compliance process, generating detailed Software Bills of Materials (SBOMs), integrating with tools for vulnerability assessments, and providing real-time monitoring and alerts. This ensures compliance, enhances security transparency, and helps vendors protect their contracts and reputations.

During the webinar, attendees learned information such as:

  • Understanding Compliance Requirements: Gain a comprehensive overview of new secure software development attestation requirements, including NIST 800-218 and Executive Order 14028, and their implications for government software vendors.
     
  • Navigating Common Pain Points: Learn about the common challenges and pain points faced by software vendors in meeting stringent security and compliance standards, including documentation burdens and vulnerability management.
     
  • Leveraging CodeLock for Compliance: Discover how CodeLock's features, such as compliance tracking, real-time monitoring, Software Bill of Materials (SBOM) generation, and automated vulnerability scanning, can simplify the compliance process and enhance security posture.
     
  • Practical Implementation Strategies: Explore practical strategies for integrating CodeLock into your software development workflow to ensure continuous compliance and secure software development practices.
     
  • Case Studies and Success Stories: Review real-world examples and case studies of how other government software vendors have successfully implemented CodeLock to meet attestation requirements, reduce risk, and maintain contract eligibility.

Resources