Exec Summary: The 19770 family of standards provide new way of addressing existing critical problems in IT management, where they enable the creation and management of lean, rightsized and effective infrastructures, and cybersecurity, where they enable accurate hardware and software inventory to be taken and up-to-date patch status to be managed and maintained. These standards… Read more »
Posts Categorized: Uncategorized
The ISO Working Group for IT Asset Management Standards (WG21) is holding an industry outreach day on Thursday November 9th, 2017. This event is kindly hosted by Oracle Corporation at their facility in Reston, VA.
The purpose of this event is to allow interested representatives of the US Federal, State and Local Governments as well as software and tool vendors and private sector attendees to meet with WG21 members, including with the editors of the standards, learn about ISO developments and direction, discuss some of the ISO standard in details, provide feedback and comments, ask questions, and network with each other.
Piscataway, NJ – 11 September 2017 – TagVault.org, the neutral not-for-profit clearing house for software tagging, primarily focused on software identification tags and related standards in the ISO/IEC 19770 family, announces today the public availability of its SWID Tag Signing Guidelines. This document defines the best practice for signing SWID tags in accordance with common… Read more »
Yet another tool vendor has added support for the ISO SAM Standards. The Sassafras K2 product has added support for 19770-2 (SWID) and 19770-3 (Entitlement) standards. See more about their announcement here – http://www.sassafras.com/k2-iso-19770/.
SWID Tag Signing Guidelines (Public Review) SWID Tags are more authoritative if they cannot be modified – that requires that the tag is signed. A TagVault.org working group has specified how SWID tags need to be signed. The working group consisted of members from MITRE, NIST, Microsoft and IBM to ensure that the signing approach… Read more »
Software companies hoping to bid on government contracts in the future must now add a set of standards software ID tags to their software. Piscataway, NJ – 10 November 2016 TagVault.org Board Chair, Michael Godsey of Microsoft notes that, “Seeing ISO/IEC standard 19770-2 listed as a mandatory standard on the DoD IT Standards Registry provides… Read more »
NIST-IR 8060 is final and published! The NIST-IR 8060 document was published on Friday, April 22, 2016. NIST, MITRE and the Dept of Homeland Security have worked together to create a set of guidelines that specify the data requirements for SWID tags from commercial software providers that will enable a number of use cases in… Read more »
The National Institute of Standards and Technology (NIST) is pleased to announce a workshop on Software Identification (SWID) Tag Implementation and Use. This event will be held from 9:00 a.m. to 5:00 p.m. on 26 April and 9:00 a.m. to 3:00 p.m. on 27 April at the National Cybersecurity Center of Excellence (NCCoE), 9700 Great Seneca Highway, Rockville, MD.
The Final Draft of the international standard, ISO/IEC 19770-3 was approved by the International Community in February of 2016. This means that the standard moves to an ISO editorial process to ensure it meets all formatting, editorial and other documentation requirements. The standard will be published soon When published, the front matter of the standard… Read more »
If you’re interested in participating in the SWID tag signing working group, login to your members page and add your name to the working group there. If you need details on how to get to the members area, let Jane, or Steve know and we’ll be happy to provide the information you need. If you… Read more »