Posts Categorized: Uncategorized

The US Department of Homeland Security (DHS) recently joined TagVault.org as a board member.  This allows the DHS to be engaged with commercial providers such as Microsoft, IBM and Symantec to determine how TagVault.org can best support the wider software community in its efforts to evangelize SWID tags. The reason the DHS joined the TagVault.org board… Read more »

The US National Institute of Standards and Technology (NIST) is working on an internal report (NIST-IR) that lays out the specific guidelines for how the US Government expects to use the data form SWID tags.  This publication includes details on how data will be used from an operational perspective and provides a number of use-cases… Read more »

Anti-Malware Support Services (AMSS) is developing the Clean File Metadata eXchange (CMX) to identify files that are from commercially defined and deployed software.  The CMX repository is designed to help security companies keep up with the ever changing landscape of commercially published and known files to differentiate them from a potential malware threat. The CMX repository provides one… Read more »

The installation toolkit WiX (supported by FireGiant) is the first Windows installer toolkit to support the latest revision of the SWID Tagging Standard (19770-2:2015).  FireGiant provides dedicated support to the WiX open source toolkit and they’ve recognized the importance of accurate software identification when it comes to licensing and security!  As an open source tool,… Read more »

The 2015 revision of the SWID tagging standard has been in development for a number of years.  The primary focus was threefold – first, ensure that SWID tag data could be interpreted and used efficiently by software purchasing organizations and tools.  Second, to ensure that software publishers are able to create SWID tags in a… Read more »

The Trusted Network Connect (TNC) is an open architecture for Network Access Control as defined by a working group of the Trusted Computing Group (TCG).  On the 3rd of August, 2015, TCG published the document, “SWID Message and Attributes for IF-M”.  The description of this as written on the TCG/TNC blog – The Trusted Network… Read more »

NIST has been working on an internal report (NISTIR) focused on the guidelines for the creation of interoperable Software Identification (SWID) Tags. This publication is focused on how SWID tags will be used from an operational perspective and provides a number of use cases focused on end-user scenarios.

The ISO/IEC 19770-2 standard that defines the structure of SWID tags has taken a major step forward. The document went through its final review with all the participating countries and achieved unanimous approval.

NIST has release NIST-IR-8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags for public comment. Get the link to download and review before June 15th.

The Trusted Computing Group (TCG) has developed a number of standards around the Trusted Network Computing (TNC) architecture. The latest of these standards that’s open for public review is the SWID Message and Attributes specification. The review window is open until May 31, 2015