Standards for Software Liability: Focus on the Product for Liability, Focus on the Process for Safe Harbor

Jim Dempsey, Lawfare: “The secure software development framework promulgated in February 2022 by NIST35 consists mainly of recommended processes…. None of these actually describes a secure product; none identifies a weakness that should be avoided.”