Spectra Assure SAFE

Learn more about SAFE to keep the security of your software up to par.

What is SAFE?

In the context of Spectra Assure, SAFE can be described as a collection of guidelines and best practices that covers general processes and recommendations for developing and publishing secure software.

SAFE is focused primarily on the security of final software packages and their binary verification. Therefore, by integrating SAFE into their SDLC, software publishers and consumers can achieve alignment on security expectations for the software they produce and use.

In SAFE, the security criteria are represented as a maturity model with 5 SAFE levels. Every SAFE level defines requirements that a software package must satisfy in order to be considered secure at a particular stage of software maturity.

The SAFE report clearly illustrates the effort and actions needed to progress to the next SAFE level. Organizations can then use this as a roadmap towards increased security performance.

Along with the security guidance in the form of SAFE levels, the SAFE report offers the most comprehensive SBOM and risk assessment of any software package version to illustrate what secure and trusted software looks like.

The risk assessment comes in the form of a SAFE assessment card and, as such, serves as a high-level, human-readable overview of the types of issues identified in the analyzed software.
This allows software producers to get early and actionable feedback on software supply chain risks that could damage their organization.

SAFE ensures organizations get the information they need, saving them time and other resources, as well as increasing their confidence in the security and reliability of the software they develop or use.


What does SAFE include?