all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How CISA can improve OSS security

Add to bookmarks
Nov. 20, 2023, 2:35 p.m. | Trail of Bits

Trail of Bits Blog blog.trailofbits.com

By Jim Miller The US government recently issued a request for information (RFI) about open-source software (OSS) security. In this blog post, we will present a summary of our response and proposed solutions. Some of our solutions include rewriting widely used legacy code in memory safe languages such as Rust, funding OSS solutions to improve […]

blog blog post cisa code darpa education funding government information languages legacy memory memory safe memory safe languages memory safety miller open source open-source software oss request response rfi rust safe security software solutions supply chain

Visit resource

More from blog.trailofbits.com / Trail of Bits Blog

The life and times of an Abstract Syntax Tree 1 day, 20 hours ago | blog.trailofbits.com
artificially intelligent can clear compiler +14
Curvance: Invariants unleashed 3 days, 19 hours ago | blog.trailofbits.com
assessments audits blockchain building +15
Announcing two new LMS libraries 1 week ago | blog.trailofbits.com
algorithm bits cryptography digital +17
5 reasons to strive for better disclosure processes 2 weeks, 4 days ago | blog.trailofbits.com
blog bugs disclosure examples +6
Introducing Ruzzy, a coverage-guided Ruby fuzzer 1 month ago | blog.trailofbits.com
application security bits bugs code +16
Why fuzzing over formal verification? 1 month, 1 week ago | blog.trailofbits.com
audits blockchain development fuzzing +3
Streamline your static analysis triage with SARIF Explorer 1 month, 1 week ago | blog.trailofbits.com
analysis audits explorer extension +8
Read code like a pro with our weAudit VSCode extension 1 month, 2 weeks ago | blog.trailofbits.com
audits bugs code codebase +12
Releasing the Attacknet: A new tool for finding bugs in blockchain nodes using chaos testing 1 month, 2 weeks ago | blog.trailofbits.com
addresses bits blockchain bugs +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Engineer

@ Elsevier | Home based-Georgia
View on infosec-jobs.com

Infrastructure Compliance Engineer

@ NVIDIA | US, CA, Santa Clara
View on infosec-jobs.com

Information Systems Security Engineer (ISSE) / Cybersecurity SME

@ Green Cell Consulting | Twentynine Palms, CA, United States
View on infosec-jobs.com

Sales Security Analyst

@ Everbridge | Bengaluru
View on infosec-jobs.com

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Third Party Cyber Risk Analyst

@ Chubb | Philippines
View on infosec-jobs.com
View more jobs