U.S. government agencies' software supply chains are under increasing risk of attack. To help protect the agencies, the National Institute of Standards and Technology (NIST) unveiled the latest Secure Software Development Framework (SSDF), which calls for tighter controls throughout the software development lifecycle and describes a set of best practices for organizations – and their third-party suppliers – to follow.