Showing only posts by Andy Chang. Show all posts.

How to choose a known, trusted supplier for open source software

Source

Open-source software is used throughout the technology industry to help developers build software tools, apps, and services. While developers building with open-source software can (and often do) benefit greatly from the work of others, they should also conduct appropriate due diligence to protect against software supply chain attacks. With …

Google Cloud Assured Open Source Software service is now generally available

Source

Threats to the software supply chain and open source software (OSS) security continue to be major areas of concern for organizations creating apps and their developers. According to Mandiant’s M-Trends 2022 report, 17% of all security breaches start with a supply chain attack, the initial infection vector second …

Introducing Google Cloud’s new Assured Open Source Software service

Source

There has been an increasing awareness in the developer community, enterprises, and governments of software supply chain risks. Remediation efforts for vulnerabilities like Log4j and Spring4shell, and a 650% year-over-year increase in cyberattacks aimed at open source suppliers, have sharpened focus on the critical task of bolstering the security …

Build security into Google Cloud deployments with our updated security foundations blueprint

Source

At Google, we’re committed to delivering the industry’s most trusted cloud. To earn customer trust, we strive to operate in a shared-fate model for risk management in conjunction with our customers. We believe that it's our responsibility to be active partners as our customers securely deploy on …