PGP signatures on PyPI: worse than useless| blog.yossarian.net
ENOSUCHBLOG| blog.yossarian.net
When someone passed me hundreds of thousands of records on kids taken from CloudPets a few years ago [https://www.troyhunt.com/data-from-connected-cloudpets-teddy-bears-leaked-and-ransomed-exposing-kids-voice-messages/], I had a nightmare of a time getting in touch with the company. They'd left a MongoDB instance exposed to the public without a password and someone| Troy Hunt
A “software bill of materials” (SBOM) has emerged as a key building block in software security and software supply chain risk management. An SBOM is a nested inventory, a list of ingredients that make up software components. While not a brand new concept, the ideas and implementation have advanced since 2018 through a number of collaborative community efforts, including the National Telecommunications and Information Administration’s (NTIA) multistakeholder process.| Cybersecurity and Infrastructure Security Agency CISA