Published by the National Institute of Standards and Technology (NIST), the so-called Secure Software Development Framework (SSDF) is a “special publication” (800-218) containing recommendations for mitigating the risk of software security flaws. Created in the wake of the infamous SolarWinds attacks, the documentation should theoretically help US federal agencies, software…