Golang adds vulnerability management tooling

Golang adds vulnerability management tooling

Google’s Go programming language has added support for vulnerability management, which project developers said was an initial step toward helping Go developers learn about known vulnerabilities that could impact them.In a blog post on September 6, the Go security team...
Golang adds vulnerability management tooling

Security is hard and won’t get much easier

Security is one of the few things that will survive the budget axe should the world plunge into recession, but it’s increasingly clear that we can’t simply spend our way to a secure future. Indeed, SLSA (Supply-chain Levels for Software Artifacts), Tekton, and other...
Golang adds vulnerability management tooling

Build SBOMs with Microsoft’s internal tool

The compromise of SolarWinds’ system management tool raised a lot of interesting issues for anyone using a CI/CD (continuous integration and continuous delivery) build process for their software. How can we ensure that the software we distribute to our users is the...
Golang adds vulnerability management tooling

How we’ll solve software supply chain security

Who owns software supply chain security? Developers? Or the platform and security engineering teams supporting them?In the past, the CIO, CISO, or CTO and their security team would decide which Linux distribution, operating system, and infrastructure platform the...