Github has launched a new method for security vulnerability disclosure privately and directly from a repository in an effort to improve the state of software supply chain security.
Github has launched a new method for security vulnerability disclosure privately and directly from a repository in an effort to improve the state of software supply chain security.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
It’s great to see GitHub take this important step of allowing streamlined communication between security researchers and open-source maintainers to increase the safety of the overall open-source ecosystem. Allowing open-source contributors to easily and safely support their projects helps all of us make progress towards greater security.