OmniBOR: A System for Automatic, Verifiable Artifact Resolution across Software Supply Chains
Feb. 15, 2024, 5:10 a.m. | Bharathi Seshadri, Yongkui Han, Chris Olson, David Pollak, Vojislav Tomasevic
cs.CR updates on arXiv.org arxiv.org
Abstract: Software supply chain attacks, which exploit the build process or artifacts used in the process of building a software product, are increasingly of concern. To combat these attacks, one must be able to check that every artifact that a software product depends on does not contain vulnerabilities. In this paper, we introduce OmniBOR (Universal Bill of Receipts), a minimalistic scheme for build tools to create an artifact dependency graph which can be used to track …