Posts Categorized: Uncategorized

ISO SAM Standard Talking Points

Exec Summary: The 19770 family of standards provide new way of addressing existing critical problems in IT management, where they enable the creation and management of lean, rightsized and effective infrastructures, and cybersecurity, where they enable accurate hardware and software inventory to be taken and up-to-date patch status to be managed and maintained. These standards… Read more »

ISO IT Asset Management Standards Outreach Meeting

The ISO Working Group for IT Asset Management Standards (WG21) is holding an industry outreach day on Thursday November 9th, 2017. This event is kindly hosted by Oracle Corporation at their facility in Reston, VA.

The purpose of this event is to allow interested representatives of the US Federal, State and Local Governments as well as software and tool vendors and private sector attendees to meet with WG21 members, including with the editors of the standards, learn about ISO developments and direction, discuss some of the ISO standard in details, provide feedback and comments, ask questions, and network with each other.

TagVault.org publishes Software Identification (SWID) Tag Signing Guidelines for Software Security and Compliance with the U.S. Department of Defense Mandate

Piscataway, NJ – 11 September 2017 – TagVault.org, the neutral not-for-profit clearing house for software tagging, primarily focused on software identification tags and related standards in the ISO/IEC 19770 family, announces today the public availability of its SWID Tag Signing Guidelines.  This document defines the best practice for signing SWID tags in accordance with common… Read more »

More Tool Vendors Supporting ISO SAM Standards

Yet another tool vendor has added support for the ISO SAM Standards.  The Sassafras K2 product has added support for 19770-2 (SWID) and 19770-3 (Entitlement)  standards.  See more about their announcement here – http://www.sassafras.com/k2-iso-19770/.

Reference Materials – 2017, 2018

Requiring ISO Standard Electronic SW Data when Purchasing Download this document for ideas on how to include requirements for ISO Standard electronic SW information for identification and entitlements. SWID Tag Signing Guidelines (Public Review) SWID Tags are more authoritative if they cannot be modified – that requires that the tag is signed.  A TagVault.org working… Read more »

TagVault.Org announces that the Department of Defense (DoD) IT Standards Registry now lists Software ID Tags, as defined in ISO/IEC Standard 19770-2, as MANDATORY

Software companies hoping to bid on government contracts in the future must now add a set of standards software ID tags to their software.    Piscataway, NJ – 10 November 2016 TagVault.org Board Chair, Michael Godsey of Microsoft notes that, “Seeing ISO/IEC standard 19770-2 listed as a mandatory standard on the DoD IT Standards Registry provides… Read more »

NIST Publishes Interoperable SWID Tag Guidelines!

NIST-IR 8060 is final and published! The NIST-IR 8060 document was published on Friday, April 22, 2016. NIST, MITRE and the Dept of Homeland Security have worked together to create a set of guidelines that specify the data requirements for SWID tags from commercial software providers that will enable a number of use cases in… Read more »

SAVE THE DATE – April 26-27 – SWID Tag Implementation Workshop!

The National Institute of Standards and Technology (NIST) is pleased to announce a workshop on Software Identification (SWID) Tag Implementation and Use. This event will be held from 9:00 a.m. to 5:00 p.m. on 26 April and 9:00 a.m. to 3:00 p.m. on 27 April at the National Cybersecurity Center of Excellence (NCCoE), 9700 Great Seneca Highway, Rockville, MD.

19770-3 is approved to move to publication!

The Final Draft of the international standard, ISO/IEC 19770-3 was approved by the International Community in February of 2016.  This means that the standard moves to an ISO editorial process to ensure it meets all formatting, editorial and other documentation requirements.  The standard will be published soon When published, the front matter of the standard… Read more »

SWID Tag Signing Working Group

If you’re interested in participating in the SWID tag signing working group, login to your members page and add your name to the working group there.  If you need details on how to get to the members area, let Jane, or Steve know and we’ll be happy to provide the information you need.  If you… Read more »