SolarWinds Becomes First Software Provider to Align With New CISA Secure Software Development Guidance

SolarWinds, a leading provider of simple, powerful, secure observability and IT management software, announced it has submitted its Secure Software Development self-attestation in alignment with Cybersecurity and Infrastructure Security Agency (CISA) and Office of Management and Budget (OMB) requirements. In submitting its form to the Repository for Software Attestation and Artifacts (RSAA), SolarWinds is the first software provider to publish a CISA self-attestation in alignment with U.S. government requirements of all software providers.

Endorsed by the White House and released by CISA this month, the Secure Software Development Attestation Form is part of a comprehensive Department of Homeland Security (DHS) strategy to fortify the software supply chain, promote transparent information-sharing between the public and private sectors, and encourage a proactive community approach to cyber threats to safeguard the nation’s digital infrastructure.

SolarWinds has taken a significant step in promoting secure software practices by submitting this attestation that its products are designed with security as a foundational element, in line not only with NIST Secure Software Development Framework (SSDF) guidelines but also with the framework provided by the Office of Management and Budget’s directive (M-22-18). Submitting this attestation also underscores SolarWinds’ capability to provide a clear and digitally accessible Software Bill of Materials (SBOM) with detailed insights across all of a digital ecosystem’s components and interdependencies.

“In a landscape where cybersecurity threats are ever-evolving, public-private partnerships remain absolutely paramount for creating a secure and resilient digital infrastructure for our nation,” said Chip Daniels, Vice President of Government Affairs at SolarWinds. “By working hand in hand, we can ensure that our cybersecurity measures are not just reactive but proactively designed to anticipate and mitigate threats. This collaboration across sectors is necessary to support CISA, create unified best practices for information-sharing between companies and government agencies, and develop shared threat intelligence for a more resilient and secure supply chain, nation—and future.”

SolarWinds submitted self-attestation for the following solutions:

  • Hybrid Cloud Observability version 2024.1
  • Hybrid Cloud Observability (formerly Orion) modules: Network Performance Monitor (NPM), NetFlow Traffic Analyzer (NTA), Network Configuration Manager (NCM), VoIP & Network Quality Manager (VNQM), IP Address Manager (IPAM), User Device Tracker (UDT), Virtualization Manager (VMAN), Log Analyzer, Server & Application Monitor (SAM), Server Configuration Monitor (SCM), Storage Resource Monitor (SRM), and Web Performance Monitor (WPM)
  • SolarWinds Observability (as of March 5, 2024)
  • IT Service Management (as of March 17, 2024)

“In order to pioneer secure software development, we understand that security is not just a feature but the very foundation upon which modern digital ecosystems must be built. At SolarWinds, we are committed to setting new standards in cybersecurity, embracing transparency, and fostering a culture of relentless innovation,” said Tim Brown, Chief Information Security Officer and Vice President of Security at SolarWinds. “Our alignment with the latest CISA guidelines is a testament to our unwavering dedication to not only protect our global digital infrastructure but to lead by example. We believe in empowering our customers with solutions that are not just secure by design, but also resilient in the face of evolving threats.”

SolarWinds recently hosted a panel event in Washington, D.C., featuring Congressman Raja Krishnamoorthi (D-IL), Christopher D. Roberti, Senior Vice President for Cyber, Space, and National Security Policy at the U.S. Chamber of Commerce, and SolarWinds President and CEO Sudhakar Ramakrishna. The discussion focused on the evolving nation-state threat actors who are increasingly targeting critical infrastructure and how to build the public-private partnerships needed to combat these threats. The event additionally included a briefing on the SolarWinds suite of secure solutions, designed via its Next-Generation Build System to help government entities streamline and upgrade IT services while meeting constituent needs.

About SolarWinds

SolarWinds (NYSE:SWI) is a leading provider of simple, powerful, secure observability and IT management software built to enable customers to accelerate their digital transformation. Our solutions provide organizations worldwide—regardless of type, size, or complexity—with a comprehensive and unified view of today’s modern, distributed, and hybrid network environments. We continuously engage with IT service and operations professionals, DevOps and SecOps professionals, and database administrators (DBAs) to understand the challenges they face in maintaining high-performing and highly available hybrid IT infrastructures, applications, and environments. The insights we gain from them, in places like our THWACK community, allow us to address customers’ needs now and in the future. Our focus on the user and our commitment to excellence in end-to-end hybrid IT management have established SolarWinds as a worldwide leader in solutions for observability, IT service management, application performance, and database management.