https://www.infoq.com InfoQ Security Development Lifecycle feed https://www.infoq.com/news/2024/03/guac-incubating-openssf/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Development+Lifecycle <img src="https://res.infoq.com/news/2024/03/guac-incubating-openssf/en/headerimage/guac-logo_1200x630-1709560542059.jpg"/><p>The Graph for Understanding Artifact Composition (GUAC) has joined the Open Source Security Foundation (OpenSSF) as an incubating project. GUAC provides a tool and underlying API to analyse and visualise software bill of materials (SBOM) along with threat intelligence feeds to determine whether vulnerabilities impact an application.</p> <i>By Chris Swan</i> Common Vulnerabilities and Exposures Security Vulnerabilities Open Source Projects Software Supply Chain Application Security Security Development Lifecycle DevOps Development news Thu, 07 Mar 2024 14:00:00 GMT https://www.infoq.com/news/2024/03/guac-incubating-openssf/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Development+Lifecycle Chris Swan 2024-03-07T14:00:00Z /news/2024/03/guac-incubating-openssf/en