How CISA can improve OSS security | allinfosecnews.com

Nov. 20, 2023, 2:55 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By Jim Miller

The US government recently issued a request for information (RFI) about open-source software (OSS) security. In this blog post, we will present a summary of our response and proposed solutions. Some of our solutions include rewriting widely used legacy code in memory safe languages such as Rust, funding OSS solutions to improve compliance, sponsoring research and development of vulnerability tracking and analysis tools, and educating developers on how to reduce attack surfaces and manage complex features.

Background …

blog blog post cisa code funding government information languages legacy memory memory safe memory safe languages miller open-source software oss request response rfi rust safe security software solutions

More from malware.news / Malware Analysis, News and Indicators - Latest topics

US sets sights on partnerships to counter cyberthreats, secure AI in new global cyber strategy 40 minutes ago | malware.news

article counter critical critical infrastructure +15

Tofsee (part 1): Static Analysis 45 minutes ago | malware.news

analysis bazaar blog conference +11

Exploits, Access, Extortion: Know Your Enemy in 2024 and Beyond 50 minutes ago | malware.news

access actor analysis arm +22

Nestle Brazil Leak, Rakuzan RAT, Access Sales for Japan & UAE Companies 50 minutes ago | malware.news

access amp brazil companies +17

Financial cyberthreats in 2023 50 minutes ago | malware.news

accounts assets attackers attacks +23

What is a Software Bill of Materials ( SBOM)? an hour ago | malware.news

bill build code components +13

A week in security (April 29 – May 5) 2 hours ago | malware.news

april a week in security breach customer +31

Taylor Swift tickets – how not to be scammed 2 hours ago | malware.news

concert demand record sales +11

Become a Certified AI Master in Cybersecurity with SOCRadar Training 3 hours ago | malware.news

certified course cutting cybersecurity +12

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA

View on infosec-jobs.com

Security Specialist

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com

Senior Cyber Incident Response (Hybrid)

@ SmartDev | Cầu Giấy, Vietnam

View on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota

View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US

View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom

View on infosec-jobs.com