National Cyber Warfare Foundation (NCWF) Forums


New Portal Helps Devs Spot Malicious Open Source Packages


2024-06-26 16:09:46
milo
Developers


Spotting compromises hidden deep in open source or commercial supply chains is difficult under the best of circumstances. For developers and development teams tasked with achieving aggressive development and release goals — an environment in which software security and integrity are low priorities — the job is even harder. That’s why, today, ReversingLabs introduced a new offering that helps developers rapidly assess the security and quality of millions of open source packages spread across platforms such as npm, PyPI and RubyGems.


Spectra Assure Community is a tool that enables developers, product security teams, and release managers to scan open source components to identify the best building blocks for their products. Using Spectra’s unique combination of advanced threat detection, comprehensive analysis, and standardized assessments, it helps developers determine whether packages that they wish to use are free from malicious code and supply chain attacks. 


The post New Portal Helps Devs Spot Malicious Open Source Packages appeared first on Security Boulevard.



Tomislav Peričin

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/06/new-portal-helps-devs-spot-malicious-open-source-packages/





Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.