Security in Cloud-Native Services: A Survey

T Theodoropoulos, L Rosa, C Benzaid, P Gray… - … of Cybersecurity and …, 2023 - mdpi.com
Cloud-native services face unique cybersecurity challenges due to their distributed
infrastructure. They are susceptible to various threats like malware, DDoS attacks, and Man …

SoK: Taxonomy of attacks on open-source software supply chains

P Ladisa, H Plate, M Martinez… - 2023 IEEE Symposium …, 2023 - ieeexplore.ieee.org
The widespread dependency on open-source software makes it a fruitful target for malicious
actors, as demonstrated by recurring attacks. The complexity of today's open-source supply …

An empirical study on software bill of materials: Where we stand and the road ahead

B Xia, T Bi, Z Xing, Q Lu, L Zhu - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
The rapid growth of software supply chain attacks has attracted considerable attention to
software bill of materials (SBOM). SBOMs are a crucial building block to ensure the …

On the impact of security vulnerabilities in the npm and RubyGems dependency networks

A Zerouali, T Mens, A Decan, C De Roover - Empirical Software …, 2022 - Springer
The increasing interest in open source software has led to the emergence of large language-
specific package distributions of reusable software libraries, such as npm and RubyGems …

Taxonomy of attacks on open-source software supply chains

P Ladisa, H Plate, M Martinez, O Barais - arXiv preprint arXiv:2204.04008, 2022 - arxiv.org
The widespread dependency on open-source software makes it a fruitful target for malicious
actors, as demonstrated by recurring attacks. The complexity of today's open-source supply …

Software supply chain: review of attacks, risk assessment strategies and security controls

B Gokkaya, L Aniello, B Halak - arXiv preprint arXiv:2305.14157, 2023 - arxiv.org
The software product is a source of cyber-attacks that target organizations by using their
software supply chain as a distribution vector. As the reliance of software projects on open …

On the way to SBOMs: Investigating design issues and solutions in practice

T Bi, B Xia, Z Xing, Q Lu, L Zhu - ACM Transactions on Software …, 2023 - dl.acm.org
The increase of software supply chain threats has underscored the necessity for robust
security mechanisms, among which the Software Bill of Materials (SBOM) stands out as a …

On the effect of transitivity and granularity on vulnerability propagation in the maven ecosystem

AM Mir, M Keshani, S Proksch - 2023 IEEE International …, 2023 - ieeexplore.ieee.org
Reusing software libraries is a pillar of modern software engineering. In 2022, the average
Java application depends on 40 third-party libraries. Relying on such libraries exposes a …

Chronos: Time-aware zero-shot identification of libraries from vulnerability reports

Y Lyu, T Le-Cong, HJ Kang, R Widyasari… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
Tools that alert developers about library vulnerabilities depend on accurate, up-to-date
vulnerability databases which are maintained by security researchers. These databases …

Software composition analysis for vulnerability detection: An empirical study on Java projects

L Zhao, S Chen, Z Xu, C Liu, L Zhang, J Wu… - Proceedings of the 31st …, 2023 - dl.acm.org
Software composition analysis (SCA) tools are proposed to detect potential vulnerabilities
introduced by open-source software (OSS) imported as third-party libraries (TPL). With the …