))
GUAC for Startup's Software Supply Chain
Manage episode 448045461 series 3605659
Kandungan disediakan oleh Kabir. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Kabir atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
This episode is about GUAC, which stands for Graph for Understanding Artifact Composition, is an open-source tool that helps software developers understand their software supply chain. By creating a database of software packages and their dependencies, GUAC can identify potential vulnerabilities and trace the path of those vulnerabilities through the supply chain. This allows developers to quickly understand which of their packages are affected and take action to mitigate those risks. The GUAC ecosystem includes a command-line interface, a visualizer (under development), and a GraphQL API for querying data. The source provides a demo that showcases GUAC's features, including identifying vulnerabilities and marking packages as malicious.
Podcast:
https://kabir.buzzsprout.com
YouTube:
https://www.youtube.com/@kabirtechdives
Please subscribe and share.
88 episod
Kongsi
