SDO
Secure Development Organization (SDO)
There is a growing need for organizations to be able to demonstrate that at the organization-level it governs secure development practices. This is where the Secure Development Organization (SDO) certification is very valuable.
There are three (3) different levels of SDO and the levels depend on the number of SCA Practioners and SCA Architects that are employed by the organization:
- Secure Development Organization (SDO)
- Organization registers with The Cyber AB as a SDO and employs:
- 1-2 SCA Practitioners.
- SDO Advanced
- Organization registers with The Cyber AB as a SDO and employs:
- 3+ SCA Practitioners
- SDO Elite
- Organization registers with The Cyber AB as a SDO and employs:
- 3+ SCA Practitioners; and
- 1+ SCA Architects.
Certified Organization For Development Excellence (CODE)
In addition to the organization-wide SDO certification, there is also the ability for an organization to earn the designation as a Certified Organization for Code Excellence (CODE). There are currently two (2) CODE levels:
- CODE 1 - organization successfully demonstrates conformity with the Cybersecurity and Infrastructure Security Agency (CISA) Secure Software Development Attesation Form (SSDAF) (e.g., EO 14028).
- CODE 2 - organization successfully demonstrates conformity with the National Institute for Standards and Technology (NIST) Special Publication 800-207.