The Open Source Security Foundation (OpenSSF) has announced the release of Supply-chain Levels for Software Artifacts (SLSA) v.1.0 with structure changes designed to make…
Tag:
OpenSSF
-
-
Application SecurityNewsSecurity
OpenSSF releases npm best practices to help developers tackle open-source dependency risks
The Open Source Security Foundation (OpenSSF) has released the npm Best Practices Guide to help JavaScript and TypeScript developers reduce the security risks associated…
-
Application SecurityNewsSecurity
How OpenSSF Scorecards can help to evaluate open-source software risks
Everyone knows the phrase “software is eating the world” by Marc Andreessen from over a decade ago. Software powers and touches nearly every aspect…