Announcing the deps.dev API: critical dependency data for secure supply chains | allinfosecnews.com

April 11, 2023, 4:05 p.m. | Google (noreply@blogger.com)

Google Online Security Blog security.googleblog.com

Posted by Jesper Sarnesjo and Nicky Ringland, Google Open Source Security Team

Today, we are excited to announce the deps.dev API, which provides free access to the deps.dev dataset of security metadata, including dependencies, licenses, advisories, and other critical health and security signals for more than 50 million open source package versions.

Software supply chain attacks are increasingly common and harmful, with high profile incidents such as Log4Shell, Codecov, and the recent 3CX hack. The overwhelming …

3cx access api attacks codecov complexity critical data dependencies dependency deps.dev dev diligent ecosystem free google hack health high incidents licenses log4shell metadata open source open source security open source security team package profile security security team signals software software supply chain software supply chain attacks supply supply chain supply chain attacks supply chains team

More from security.googleblog.com / Google Online Security Blog

Prevent Generative AI Data Leaks with Chrome Enterprise DLP 2 weeks ago | security.googleblog.com

ai data businesses can chrome +23

How we built the new Find My Device network with user security and privacy in … 3 weeks, 3 days ago | security.googleblog.com

android android security crowdsourced data +13

Google Public DNS’s approach to fight against cache poisoning attacks 1 month ago | security.googleblog.com

addresses attacks cache cache poisoning +21

Address Sanitizer for Bare-metal Firmware 1 month ago | security.googleblog.com

address android android security area +12

Real-time, privacy-preserving URL protection 1 month, 2 weeks ago | security.googleblog.com

alex amp attackers browsing +20

Vulnerability Reward Program: 2023 Year in Review 1 month, 2 weeks ago | security.googleblog.com

10 million address android security bug +21

Secure by Design: Google’s Perspective on Memory Safety 1 month, 4 weeks ago | security.googleblog.com

Piloting new ways of protecting Android users from financial fraud 2 months, 3 weeks ago | security.googleblog.com

android android security android users apps +19

Improving Interoperability Between Rust and C++ 2 months, 3 weeks ago | security.googleblog.com

amp android announcement back +13

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India

View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote

View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC

View on infosec-jobs.com