Skip to main content

Track Open Source Vulnerabilities With Google's OSV

 The Open-Source Vulnerabilities, OSV, database is a new, open source,  project from Google that goes beyond the current state of CVE tracking.

Avoiding the introduction of vulnerabilities in a project is nothing short of science. Most projects use SAST scanning at the final stage in order to find and fix them. One great tool used in this way is Semgrep which combines the convenience of grep with the correctness of syntactical and semantic search and can be categorized as something between grep and a SAST tool. For the lowdown check my detailed article Semgrep - More Than Just a Glorified Grep.


full article on i-programmer


Labels:

Comments

Post a Comment

Popular posts from this blog

Spatial Data Management For GIS and Data Scientists

  Videos of the lectures taught in Fall 2023 at the University of Tennessee are now available as a YouTube playlist. They provide a complete overview of the concepts of GeoSpatial science using Google Earth Engine, PostgresSQL GIS , DuckDB, Python and SQL. https://www.i-programmer.info/news/145-mapping-a-gis/16772-spatial-data-management-for-gis-and-data-scientists.html
Post a Comment
Read more

Microsoft Goes All Out On Educating Developers

  What better way to lure devs into the platform than to provide clear how-to instructions and deep educational material? Over the last couple of years, but especially during 2023, Microsoft has pumped up its educational facilities on . NET. For instance, it has released a number of self-paced projects we here at I Programmer have covered, such as: https://www.i-programmer.info/news/89-net/16857-microsoft-goes-all-out-on-educating-developers.html
Post a Comment
Read more