all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Adding build provenance to Homebrew

Add to bookmarks
Nov. 6, 2023, 3:50 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By William Woodruff


This is a joint post with Alpha-Omega—read their announcement post as well!


We’re starting a new project in collaboration with Alpha-Omega and OpenSSF to improve the transparency and security of Homebrew. This six-month project will bring cryptographically verifiable build provenance to homebrew-core, allowing end users and companies to prove that Homebrew’s packages come from the official Homebrew CI/CD. In a nutshell, Homebrew’s packages will become compliant with SLSA Build L2 (formerly known as Level 2). …

alpha-omega announcement build collaboration companies end homebrew omega openssf packages project prove provenance security transparency

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Linux Trojan - Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th) an hour ago | malware.news
ddos dshield filename files +8
CISO Perspectives: Protecting Legacy Network Devices with ZTNA 4 hours ago | malware.news
attention aware ciso customers +20
London Drugs pharmacy closes all stores to respond to cyber incident 6 hours ago | malware.news
article canada closures cyber +11
HPE security advisory (AV24-232) 7 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
SonicWall security advisory (AV24-233) 7 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Critical infrastructure cyberattacks pushed NSA to unmask thousands of U.S. identities through spying law 8 hours ago | malware.news
act critical critical infrastructure cyberattacks +14
Change Healthcare incident caused by compromised Citrix credentials 8 hours ago | malware.news
article ceo change change healthcare +15
Stolen Citrix Credentials Led to Change Ransomware Attack 9 hours ago | malware.news
access attack authentication ceo +23
AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more. - SWN … 9 hours ago | malware.news
article chrome fcc ftc +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs