Adding build provenance to Homebrew
By William Woodruff This is a joint post with Alpha-Omega—read their announcement post as well! We’re starting a new project in collaboration with Alpha-Omega and OpenSSF to improve the transparenc…
Trusted publishing: a new benchmark for packaging security - Read the official announcement on the PyPI blog as well!
For the past year, we’ve ...
https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/ #engineeringpractice #ecosystemsecurity
Trusted publishing: a new benchmark for packaging security
Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index to add a new, more secure authentication method called “trusted publishing.” T…
We need a new way to measure AI security
Tl;dr: Trail of Bits has launched a practice focused on machine learning and artificial intelligence, bringing together safety and security methodologies to create a new risk assessment and assuran…
We need a new way to measure AI security
Tl;dr: Trail of Bits has launched a practice focused on machine learning and artificial intelligence, bringing together safety and security methodologies to create a new risk assessment and assuran…
Introducing RPC Investigator
A new tool for Windows RPC research By Aaron LeMasters Trail of Bits is releasing a new tool for exploring RPC clients and servers on Windows. RPC Investigator is a .NET application that builds on …
Introducing RPC Investigator
A new tool for Windows RPC research By Aaron LeMasters Trail of Bits is releasing a new tool for exploring RPC clients and servers on Windows. RPC Investigator is a .NET application that builds on …
Porting the Solana eBPF JIT compiler to ARM64
By Andrew Haberlandt During my summer internship at Trail of Bits, I worked on the fork of the RBPF JIT compiler that is used to execute Solana smart contracts. The RBPF JIT compiler plays a criti…
Sinter: New user-mode security enforcement for macOS - TL;DR: Sinter is the first available open-source endpoint protection agent written entirely in Swi...
https://blog.trailofbits.com/2020/08/12/sinter-new-user-mode-security-enforcement-for-macos/ #engineeringpractice #sinter #appleSinter: New user-mode security enforcement for macOS
TL;DR: Sinter is the first available open-source endpoint protection agent written entirely in Swift, with support for Apple’s new EndpointSecurity API from first principles. Sinter demonstrates ho…
Announcing the Zeek Agent - (This posting is cross-posted between the Zeek blog and the Trail of Bits blog).
The Zeek Network Se... more:
https://blog.trailofbits.com/2020/03/23/announcing-the-zeek-agent/ #engineeringpractice #osqueryAnnouncing the Zeek Agent
QueryCon 2019: A Turning Point for osquery - Has it really been 3 months since Trail of Bits hosted QueryCon? We’ve had such a busy and productiv... more:
https://blog.trailofbits.com/2019/09/20/querycon-2019-a-turning-point-for-osquery/ #engineeringpractice #conferences #osqueryQueryCon 2019: A Turning Point for osquery
ITSEC News
OPSEC Cybersecurity News Live