comparemela.com

Latest Breaking News On - Henrik plate - Page 2 : comparemela.com

Endor Labs: The value of (zooming into) call graphs

This is a guest post for the Computer Weekly Developer Network written by Henrik Plate in his capacity as a security researcher at Endor Labs - a company known for its approach to ‘reachability .

Computer weekly developer networkVulnerability exploitability exchangeHenrik plateEndor labs

NIST publishes new draft framework for integrating supply chain security into CI/CD pipelines

The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI/CD pipelines.

National institute of standardsSoftware development frameworkNational instituteHenrik plateSecure software development frameworkSource dependency risks

Over half of AI open source projects contain vulnerabilities

New research shows 52 percent of the top 100 AI open source projects on GitHub reference known vulnerable open source software packages.

Endor labsArtificial intelligenceHenrik plateEndor lab station

Dependencies in LLM packages open apps to vulnerabilities: Report

Open-source packages with large language model (LLM) capabilities have many dependencies that make calls to security-sensitive APIs, according to a new Endor Labs report.

Linux foundationDependency managementHenrik plateEndor labs

AI Hallucinations a Rising Threat to Enterprise Security

If ChatGPT is fabricating code libraries or packages, attackers could use these hallucinations to spread malicious packages without using suspicious and already detectable techniques like typosquatting or masquerading.

Tel avivJossef harushOrtel keizmanMelissa bischopingYair divinskyDan lorencDaniel kennedyIra winklerVulcan cyberBar lanyadoStack overflowHenrik plateEndor labsPalo altoBud broomheadMountain view

vimarsana © 2020. All Rights Reserved.