How bulk pull requests help scale open source bug fixes | allinfosecnews.com

March 28, 2023, 3:58 p.m. | Ericka Chickowski

Security Boulevard securityboulevard.com

The complicated tangle of dependencies in modern software development processes make it tricky to identify dangerous flaws hidden in open-source software (OSS) projects. But the bigger bugaboo has been how to issue fixes to vulnerable projects at a scale that can reduce the attack surface across the entire software supply chain.

The post How bulk pull requests help scale open source bug fixes appeared first on Security Boulevard.

attack attack surface bug dependencies dev & devsecops development fixes flaws hidden identify issue open source open-source software oss processes projects pull requests requests scale security security boulevard software software development software supply chain software supply chain security supply supply chain vulnerable

More from securityboulevard.com / Security Boulevard

Latest OpenSSH Vulnerability Might Impact 14M Linux Systems 6 hours ago | securityboulevard.com

code code execution cybersecurity devsecops +22

‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE 8 hours ago | securityboulevard.com

apple apple ios application security apps +72

We’re Asking the Wrong Questions About regreSSHion 8 hours ago | securityboulevard.com

asking deepfactor questions regresshion +3

Weaponizing API discovery metadata 8 hours ago | securityboulevard.com

api api discovery api hacking mindset api hacking techniques +13

The Importance of an Up-to-Date Information Security Plan for Automotive OEMs and Dealerships 9 hours ago | securityboulevard.com

automotive blog compliance data +18

Like Shooting Phish in a Barrel 9 hours ago | securityboulevard.com

application security bypassing click controls +16

Embracing Zero Trust: DoD’s New Cybersecurity Paradigm (Part 1) 10 hours ago | securityboulevard.com

boundaries clear cybersecurity defense +19

It’s World UFO Day! Defend Against Unidentified File Objects (UFOs) with Votiro 11 hours ago | securityboulevard.com

blog file security security boulevard +4

A Deep Dive into the EU Cybersecurity Certification Scheme on Common Criteria (EUCC) 11 hours ago | securityboulevard.com

agency blog posts bolster central +14

Ground Systems Engineer - Evolved Strategic SATCOM (ESS)

@ The Aerospace Corporation | Los Angeles AFB

View on infosec-jobs.com

Policy and Program Analyst

@ Obsidian Solutions Group | Rosslyn, VA, US

View on infosec-jobs.com

Principal Network Engineering

@ CVS Health | Work At Home-California

View on infosec-jobs.com

Lead Software Engineer

@ Rapid7 | NIS Belfast

View on infosec-jobs.com

Software Engineer II - Java

@ Rapid7 | NIS Belfast

View on infosec-jobs.com

Senior Software Engineer

@ Rapid7 | NIS Belfast

View on infosec-jobs.com