New Live Guidelines for Secure Software Development, Security, and Operations Practices
US DevSecOps standards guidance with no immediate Australian AI governance parallel — low priority for APS AI practitioners.
Key points
- NIST NCCoE releases a live DevSecOps guidance document open for public comment until 24 April 2026.
- Guidance is focused on secure software development pipelines, not AI governance or algorithmic systems.
- Limited direct relevance to APS AI governance work; this is a cybersecurity and software engineering item.
Summary
The NIST National Cybersecurity Center of Excellence has published a live guidance document on Secure Software Development, Security, and Operations (DevSecOps) practices, demonstrating how organisations can implement the NIST Secure Software Development Framework using modern pipelines and commercially available tools. The first example implementation uses a Microsoft Azure environment. The document is a rolling publication open for public comment until 24 April 2026. This is a cybersecurity and software supply chain security item; AI is not a subject of the guidance.
"New Live Guidelines for Secure Software Development, Security, and Operations Practices" Source: NIST Information Technology RSS Published: 24 March 2026 URL: https://www.nist.gov/news-events/news/2026/03/new-live-guidelines-secure-software-development-security-and-operations The NIST National Cybersecurity Center of Excellence has published a live guidance document on Secure Software Development, Security, and Operations (DevSecOps) practices, demonstrating how organisations can implement the NIST Secure Software Development Framework using modern pipelines and commercially available tools. The first example implementation uses a Microsoft Azure environment. The document is a rolling publication open for public comment until 24 April 2026. This is a cybersecurity and software supply chain security item; AI is not a subject of the guidance. Retrieved from SIMS, 18 May 2026.