Google releases new open-source security software program
By MYBRANDBOOK
According to the Synopsys Cybersecurity Research Center (CyRC) 2021 “Open Source Security and Risk Analysis” (OSSRA) report, 95% of all commercial programs include open source software. According to the number of CyRCs, most of that code contains old or insecure code. But how can you determine which libraries and other components are safe without digging deep into your code? Google and the Open Source Security Foundation (OSSF) have a quick and easy answer, the OpenSSF Security Scorecard.
As per Texasnewstoday, these scorecards are based on an automated set of pass / fail checks and provide a quick review of many open source software projects. Scorecard projects are automated security tools that generate “risk scores” for open source programs.
This is important because only some organizations have implemented systems and processes to check for new open source dependencies on security issues. However, even with Google, using all of its resources makes this process tedious, manual, and error-prone. To make matters worse, many of these projects and developers are resource-constrained. result? Security often has a lower priority in the task list. This makes critical projects vulnerable to exploits without following proper security best practices.
The Scorecard project hopes that the release of Scorecard v2 will facilitate security checks and facilitate security implementation. This includes making new security checks, scaling up the number of projects to be scored, and making this data easily accessible for analysis.
For developers, scorecards help reduce the effort and manual effort required to continuously evaluate package changes as they maintain the project’s supply chain. Consumers can automatically access risk to make informed decisions about program acceptance, look for alternative solutions, and work with maintainers to make improvements.
Happiest Minds brings in an innovative GenAI chatbot
Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...
Government mandates encryption for CCTV cameras to ensure netw
In the wake of issuing an internal advisory on securing CCTV cameras at g...
TRAI recommends allowing only Indian entities to participate i
The Telecom Regulatory Authority of India (TRAI) has recommended that onl...
Galaxy AI is available on more devices with Samsung One UI 6.1
Samsung has expanded the range of smartphones to which One UI 6.1 and Gala...
AMARA RAJA POWER SYSTEMS LTD.
EXIDE INDUSTRIES LTD.
MICROTEK INTERNATIONAL PVT. LTD.
VERSA NETWORKS INDIA PVT. LTD.
Technology Icons Of India 2023: Rajiv Memani
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
Technology Icons Of India 2023: Ashish Kumar Chauhan
Ashish works as the CEO of the National Stock Exchange (NSE). He is al...
Technology Icons Of India 2023: Aalok Kumar
Aalok continues to lead the India business and further strengthen Indi...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
C-DAC keeps India ahead in IT & Electronics R&D space
Centre for Development of Advanced Computing (C-DAC) is the premier R&...
ECIL continues to keep India ahead in the growth of Information Technology and Electronics
ECIL played a very significant role in the training and growth of high...
INFLOW TECHNOLOGIES PVT. LTD.
Inflow Technologies is a niche player in the IT Infrastructure Distrib...
IRIS GLOBAL SERVICES PVT. LTD.
Iris Global services is one of the leading distribution houses that d...
TEXONIC INSTRUMENTS
Texonic has carved a niche for itself in the Technology Distribution i...