PREPRINT: Can the OpenSSF Scorecard be used to measure the security posture of npm and PyPI? (arXiv:2208.03412v2 [cs.CR] UPDATED)
Aug. 15, 2022, 1:20 a.m. | Nusrat Zahan, Parth Kanakiya, Brian Hambleton, Shohanuzzaman Shohan, Laurie Williams
cs.CR updates on arXiv.org arxiv.org
The OpenSSF Scorecard project is an automated tool to monitor the security
health of open source software. We used the tool to understand the security
practices and gaps in npm and PyPI ecosystems and to confirm the applicability
of the Scorecard tool.