all InfoSec news
An Integrity-Focused Threat Model for Software Development Pipelines. (arXiv:2211.06249v1 [cs.CR])
Nov. 14, 2022, 2:20 a.m. | B. M. Reichert (1), R. R. Obelheiro (1) ((1) Graduate Program in Applied Computing, State University of Santa Catarina)
cs.CR updates on arXiv.org arxiv.org
In recent years, there has been a growing concern with software integrity,
that is, the assurance that software has not been tampered with on the path
between developers and users. This path is represented by a software
development pipeline and plays a pivotal role in software supply chain
security. While there have been efforts to improve the security of development
pipelines, there is a lack of a comprehensive view of the threats affecting
them. We develop a systematic threat model …
development integrity software software development threat threat model
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer, Incident Response
@ Databricks | Remote - Netherlands
Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)
@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
Data Security Architect
@ Accenture Federal Services | Washington, DC
Identity Security Administrator
@ SailPoint | Pune, India