OSS Supply-chain Security: What Will It Take?


Publisher: Association for Computing Machinery
Copyright: Copyright © 2022 ACM
ISSN: 1542-7730
eISSN: 1542-7749
DOI: 10.1145/3570923

Abstract

While enterprise security teams naturally tend to turn their focus primarily to direct attacks on their own infrastructure, cybercrime exploits now are increasingly aimed at easier targets upstream. This has led to a perfect storm, since virtually all significant codebase repositories at this point include at least some amount of open-source software. But opportunities also abound there for the authors of malware. The broader cybercrime world, meanwhile, has noted that open-source supply chains are generally easy to penetrate. What's being done at this point to address the apparent risks?

Journal

Queue, Association for Computing Machinery

Published: Oct 31, 2022
