Develop secure software. Develop software securely.

François Proulx in boostsecurity

Apr 15

Unveiling ‘poutine’: An Open Source Build Pipelines security scanner

François Proulx in boostsecurity

Mar 15

Opening the Pandora’s box — Supply Chain Insider Threats in Open Source projects

Giving repo “Write”…

François Proulx in boostsecurity

Feb 12

The tale of a Supply Chain near-miss incident

We disclosed to Chainguard in December 2023 that a…

1 response

François Proulx in boostsecurity

Jun 19, 2023

Erosion of Trust: Unmasking Supply Chain Vulnerabilities in the Terraform Registry

François Proulx in boostsecurity

Nov 11, 2022

SLSA dip — It’s Build Time!

This article is part of a multi-part series about the security of the…

François Proulx in boostsecurity

Nov 11, 2022

SLSA dip — At the Source of the problem!

This article is part of a multi-part series about the…

1 response

Zaid Al Hamami in boostsecurity

Nov 2, 2022

What is the Software Supply Chain — and how do I secure it?

In a previous blog article, we described the modern software supply chain. In a nutshell, this is everything from the developer, their laptop, your source code management system, the continuous integration machinery, all the…

Zaid Al Hamami in boostsecurity

Oct 31, 2022

OpenSSL Critical Security Issue

The OpenSSL project has announced that a critical severity vulnerability exists in versions 3.0.x of the…

Zaid Al Hamami in boostsecurity

Mar 4, 2022

Developing software securely…

Cybersecurity is hard. Companies stacked with security talent, and no shortage of cybersecurity budgets get…

About

boostsecurity

boostsecurity is on a mission to ensure that we trust the code we build and use.

More information

Followers

Elsewhere