all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Episode 410 – Package identifiers are really hard

Add to bookmarks
Jan. 8, 2024, midnight | Josh Bressers

Podcast – Open Source Security opensourcesecurity.io

Josh and Kurt talk about package identifiers. We break this down in the context of an OpenSSF response to a CISA paper on software identifications. The identifiers that get all the air time are purl, CPE, SWID, and OmniBOR. This is a surprisingly complex problem space. It feels easy, but it’s not. Show Notes

air cisa context cpe cwe down easy hard josh openssf package podcast problem response security software space swid

Visit resource

More from opensourcesecurity.io / Podcast – Open Source Security

Episode 430 – Frozen kernel security 6 days, 5 hours ago | opensourcesecurity.io
blog blog post discuss episode +10
Episode 429 – The autonomy of open source developers 1 week, 6 days ago | opensourcesecurity.io
apple autonomy conversation curl +17
Episode 428 – GitHub artifact attestation 2 weeks, 6 days ago | opensourcesecurity.io
artifact artifacts attestation beta +16
Episode 427 – Will run0 replace sudo? 3 weeks, 6 days ago | opensourcesecurity.io
attack attack surface big called +11
Episode 426 – Automatically exploiting CVEs with AI 1 month ago | opensourcesecurity.io
can corey doctorow cve cves +16
Episode 425 – Video game cheaters, also pretendo 1 month, 1 week ago | opensourcesecurity.io
benford's law cheat cheaters cheating +18
Episode 424 – The Notepad++ Parasite Website 1 month, 2 weeks ago | opensourcesecurity.io
end everything fake fake website +13
Episode 423 – FCC cybersecurity label for consumer devices 1 month, 3 weeks ago | opensourcesecurity.io
ce certification claim compute +16
XZ Bonus Spectacular Episode 2 months ago | opensourcesecurity.io
backdoor basics bonus can +16

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com