Software Component Verification Standard

Appendix B: References

Last updated 4 years ago

The following resources may be useful to users and adopters of this standard:

OWASP Projects

  • OWASP Packman
  • OWASP Software Assurance Maturity Model (SAMM)

Community Projects

  • Open Source Security Foundation - Threats, Risks, and Mitigations in the Open Source Ecosystem
  • InnerSource

Others

  • Cybersecurity Maturity Model Certification (CMMC)
  • NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
  • NIST 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations
  • NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
  • NTIA Documents on Software Bill of Materials
  • Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk
  • Guide on Cybersecurity Procurement Language in Task Order Requests for Proposals for Federal Facilities
  • Energy Sector Control Systems Working Group (ESCSWG)

SBOM Formats

  • CycloneDX
  • SPDX
  • SPDX XML
  • ISO/IEC 19770-2:2015 (SWID)