all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PREPRINT: Can the OpenSSF Scorecard be used to measure the security posture of npm and PyPI?. (arXiv:2208.03412v1 [cs.CR])

Add to bookmarks
Aug. 9, 2022, 1:20 a.m. | Nusrat Zahan, Parth Kanakiya, Brian Hambleton, Shohanuzzaman Shohan, Laurie Williams

cs.CR updates on arXiv.org arxiv.org

The OpenSSF Scorecard project is an automated tool to monitor the security
health of open source software. We used the tool to understand the security
practices and gaps in npm and PyPI ecosystems and to confirm the applicability
of the Scorecard tool.

npm openssf posture pypi scorecard security security posture

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Differentially private Bayesian tests 20 hours ago | arxiv.org
arxiv confidential cornerstone cs.cr +16
On the Learnability of Watermarks for Language Models 20 hours ago | arxiv.org
arxiv ask can cs.cl +12
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image … 20 hours ago | arxiv.org
applications arxiv attack cs.cr +14
On the Reliability of Watermarks for Large Language Models 20 hours ago | arxiv.org
arxiv bots cs.cl cs.cr +23
A Watermark for Large Language Models 20 hours ago | arxiv.org
arxiv can cs.cl cs.cr +13
Asymmetric Distributed Trust 20 hours ago | arxiv.org
abstraction algorithms arxiv can +12
Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips 20 hours ago | arxiv.org
arxiv bandwidth chips cs.ar +5
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation 20 hours ago | arxiv.org
access address area arxiv +17
A Case Study of Large Language Models (ChatGPT and CodeBERT) for Security-Oriented Code Analysis 20 hours ago | arxiv.org
analysis arxiv can capabilities +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs