Google’s latest scorecard tool scans open-source software for security risks
1 July 2021
The updated version of Google Scorecard produces a “Risk Score” for open-source software with improved checks and capabilities to make the data accessible for analysis. The update comes with features like, checks for contributions from malicious authors or compromised accounts that can introduce potential backdoors into code. Use of fuzzing (e.g., OSS-Fuzz), and static code analysis tools (e.g., CodeQL), signs of CI/CD compromise, and bad dependencies
Back to all news Read moreOther news
- Zacco welcomes Antonio Marsico as our new CEO, effective 1st July 20241 July 2024
- Zacco continues its journey as a standalone business14 March 2024
- Season’s Greetings 202315 December 2023
- OpSec Security completes acquisition of Zacco18 April 2023
- OpSec Security announces it has signed a definitive agreement to acquire Zacco4 April 2023
- Facebook will shell out $725 million to resolve the Cambridge Analytica data leak lawsuit26 December 2022
- Microsoft receives a €60 million fine from France for using advertising cookies without user consent.26 December 2022