Today we jointly released cybersecurity guidance on Secure-by-Design memory safe roadmaps, in partnership with the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Canadian Centre for Cybersecurity (CCCS), New Zealand National Cybersecurity Centre (NCSC-NZ) and Computer Emergency Response Team New Zealand (CERT NZ), and United Kingdom’s National Cybersecurity Centre (NCSC-UK).
The publication supports a Secure-by-Design approach, which urges technology providers to take ownership of their customers’ security outcomes by building cybersecurity into the design and development of technology products.
The publication calls upon software manufacturers to prioritise design and implementation practices to reduce customer risk, emphasising the use of memory safe programming languages in their products. Software manufacturers should also create and publish memory safe roadmaps, and plan for how they will eliminate memory safety vulnerabilities in their products.
Find out more about this important joint initiative and read the full publication.