This week, Google unveiled OSV-Scanner, a free scanner that open-source programmers can use to get information on vulnerabilities that are pertinent to their projects.
Software projects are more susceptible to supply chain attacks and the exploitation of undiscovered vulnerabilities due to their numerous dependencies. Google last year launched an open source vulnerability database and is now offering a front-end for that database in the form of the OSV-Scanner in an effort to increase the ecosystem’s security by assisting the community in classifying vulnerabilities in open source software.
Also Read: What Caused the Cybersecurity Ecosystem to Congeal?
Google intends to improve C/C++ vulnerability support, add special features like call graph analysis and automatic remediation, integrate the scanner with developer workflows via standalone CI actions, add automatic generation of VEX statements, and improve support for C/C++ vulnerabilities.
Read More: Google Announces Vulnerability Scanner for Open Source Developers
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.