The Scorecards project, which is an automated security tool that calculates a “risk score” for open-source software projects, has received a major update from Google LLC.
Google and the Open Source Security Foundation launched the Scorecards tool in November 2020. The purpose was to assist businesses in determining whether or not to embrace a certain open-source software project based on factors such as security posture and trustworthiness.
Although some businesses have systems and processes in place to evaluate open-source software dependencies, the majority of businesses do not. As a result, they may unintentionally use software that is vulnerable in some of their most important initiatives.
To Read More: SiliconAngle