Sept. 15, 2023, 7:45 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics

Jess McClintock and John Dethridge, Google Open Source Security Team, and Damien Miller, Enterprise Infrastructure Protection Team

When you import a third party library, do you review every line of code? Most software packages depend on external libraries, trusting that those packages aren’t doing anything unexpected. If that trust is violated, the consequences can be huge—regardless of whether the package is malicious, or well-intended but using overly broad permissions, such as with Log4j in 2021. Supply chain security is a …

code doing enterprise external google import infrastructure infrastructure protection john library miller open source open source security open source security team packages party protection review security security team software team third trust what is

Business Information Security Officer

@ Metrolink | Los Angeles, CA

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City

Security Engineer

@ ChartMogul | Remote, EU

Sr. Network Security Engineer - Fortinet (North Florida)

@ DGR Systems LLC | Jacksonville, Florida, United States

Product Security Engineer

@ Tide | United Kingdom, Remote

Security Operations Engineer

@ Scale AI | San Francisco, CA