Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA, NSA and partners release SBOM cybersecurity guide

Public Sector Action
First reported
Last updated
Happening score
H score 28
1 unique sources, 1 articles

Summary

Hide ▲

CISA, NSA, and 19 international partners released a joint SBOM guide that advances software supply chain transparency and risk reduction. The guidance gives software producers, purchasers, and operators a shared framework for SBOM generation, analysis, and sharing. It matters because it supports secure-by-design software and easier identification of component-level risk.

Related Happenings

CISA joint guide on agentic AI security

Public Sector Action
First: 01.05.2026 15:00 Last: 01.05.2026 15:00 Sources 1

About this happening: **CISA**, **ASD ACSC**, and other U.S. and international partners published **Careful Adoption of Agentic Artificial Intelligence (AI) Services**, a joint guide for organizations...

Open Happening

CISA-led zero-trust guide for OT environments

Public Sector Action
First: 30.04.2026 17:00 Last: 30.04.2026 17:00 Sources 1

About this happening: US government agencies led by **CISA** released **Adapting Zero Trust Principles to Operational Technology**, giving **OT operators** a framework to improve **critical infrastruct...

Open Happening

CISA releases secure OT communications guide

Public Sector Action
First: 10.02.2026 14:00 Last: 10.02.2026 14:00 Sources 1

About this happening: CISA released **Barriers to Secure OT Communications: Why Johnny Can’t Authenticate**, a new guide meant to help **OT owners and operators** adopt **secure communications** and re...

Open Happening

US National Security Agency (NSA) / Zero Trust Implementation Guidelines (ZIGs) Released Phase One and Phase Two guidance for zero trust maturity for Published on 2026-02-02 152

Public Sector Action
First: 02.02.2026 18:05 Last: 02.02.2026 18:05 Sources 1

About this happening: The **US National Security Agency (NSA)** released **Zero Trust Implementation Guidelines (ZIGs)** to help organizations move toward **target-level zero trust maturity**. The guid...

Open Happening

CISA releases PQC product categories list

Public Sector Action
First: 23.01.2026 14:00 Last: 23.01.2026 14:00 Sources 1

About this happening: On January 23, 2026, CISA released an initial list of product categories for technologies that use post-quantum cryptography (PQC) standards. The resource is intended to help orga...

Latest development: 26.01.2026 18:15

CISA published an initial list of hardware and software product categories that support or are expected to support post-quantum cryptography (PQC) standards, following Executive Order 14306 issued on June 6 2025 and compiled with the National Security Agency (NSA). The guidance covers cloud services, collaboration and web software, endpoint security, and networking hardware and software, while additional categories such as identity and access management (IAM) systems and enterprise security software are still transitioning; organizations are told to prioritize PQC-capable products for future procurements, and automated cryptographic discovery tools plus OT and IoT devices are outside the current scope.

Open Happening

Timeline

  1. 03.09.2025 15:00 2 articles · 8mo ago

    CISA, NSA and 19 international partners release SBOM cybersecurity guide

    Industry Or Public Sector Update

    CISA, NSA, and 19 international partners released a joint guide on software bill of materials (SBOM) to improve software component and supply chain transparency for software producers, organizations procuring software, and operators of software. The guide explains how SBOM generation, analysis, and sharing can help identify component risks, reduce complexity, support interoperability across countries and sectors, and strengthen secure-by-design software practices.

    Show sources
    Open in new tab