Application Security: OpenSSF Package Analysis Project


The OpenSSF project is a new program sponsored by Google and other prominent tech corporations that aims to addresses  the challenge of identifying malicious packages in popular open source repositories. In just one month of analysis, the project identified more than 200 malicious packages uploaded to PyPI and npm.

Leave a comment

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.