March 29, 2023
fireshot capture 1409 google online security blog announcing guac a great pairing with s

Google open-sources GUAC, a tool for companies to assess software security

For software supply chain attacks, Google open sourced the GUAC (Graph for Understanding Artifact Composition) project, a free tool created by Google in collaboration with Kusari, Purdue University, and Citi, which brings together many different software security metadata sources and combines them A graph database is aggregated to normalize entity identities and standard relationships between mappings. By querying the graph, users can obtain information such as software SBOM, provenance, project scorecards, and vulnerabilities.

Ewen Eagle

I am the founder of Urbantechstory, a Technology based blog. where you find all kinds of trending technology, gaming news, and much more.

View all posts by Ewen Eagle →

Leave a Reply

Your email address will not be published.