This session will offer insight to OEMs and component suppliers on developing IT products using good security development processes and to IT buyers to help assure they can procure from those trusted technology providers. We’ll focus on best practices defined in ISO/IEC 20243:2015, for product integrity and supply chain security, and will stress the importance of utilizing CVE and CWE databases.