From 1238d41a8c72bec8c8d243bb86b6f653a174da3f Mon Sep 17 00:00:00 2001
From: Wes Widner <kai5263499@gmail.com>
Date: Mon, 30 Oct 2017 11:46:03 -0400
Subject: [PATCH] add NIST guidance on reducing software vulnerabilities

---
 README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/README.md b/README.md
index fe4a792..8db8e25 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,9 @@ A collection of container related security resources
 ### [Security Assurance Requirements for Linux Application Container Deployments](http://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8176.pdf)
 * Department of commerce guidance on container security
 
+### [Dramatically Reducing Software Vulnerabilities](http://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8151.pdf)
+* NIST guidance on reducing software vulnerabilities
+
 ### [CoreOS Clair](https://coreos.com/blog/vulnerability-analysis-for-containers.html)
 * Utility from CoreOS for automated vulnerability analysis for containers
 * [Clair: The Container Image Security Analyzer (by Joey Schorr & Quentin Machu)](https://www.youtube.com/watch?v=Kri67PtPv6s) - Presentation about the Clair platform