Pledge to Design with Security in Mind | CISA
Overview of the Voluntary Pledge for Enterprise Software Products and Services
Software manufacturers across the industry are coming together to make a voluntary pledge to improve the security of their enterprise software products and services. This pledge, focused on on-premises software, cloud services, and software as a service (SaaS), aims to enhance cybersecurity measures and promote transparency within the industry.
By participating in the pledge, software manufacturers are committing to work towards seven key goals over the next year. These goals include implementing core criteria such as vulnerability management, secure development practices, and incident response capabilities. Manufacturers are encouraged to publicly document their progress towards these goals, showcasing their commitment to improving cybersecurity practices.
While the pledge is voluntary and not legally binding, it represents a significant step towards enhancing the security of software products and services. Companies that already meet or exceed the goals outlined in the pledge are encouraged to share their approaches and go above and beyond in their cybersecurity efforts.
This pledge is designed to complement existing software security best practices and support the adoption of measures that promote a secure-by-design posture. By working together to improve cybersecurity practices, software manufacturers are taking proactive steps to protect their customers and enhance the overall security of the industry.