OmniBOR: A System for Automatic, Verifiable Artifact Resolution across Software Supply Chains
Feb. 15, 2024, 5:10 a.m. | Bharathi Seshadri, Yongkui Han, Chris Olson, David Pollak, Vojislav Tomasevic
cs.CR updates on arXiv.org arxiv.org
Abstract: Software supply chain attacks, which exploit the build process or artifacts used in the process of building a software product, are increasingly of concern. To combat these attacks, one must be able to check that every artifact that a software product depends on does not contain vulnerabilities. In this paper, we introduce OmniBOR (Universal Bill of Receipts), a minimalistic scheme for build tools to create an artifact dependency graph which can be used to track …