Discover the power of Structured Results in the #OpenSSF blog: https://t.co/mYPtc5bcnt
Tailor your security approach with detailed insights for precise policy enforcement. 🛡️✨
Amazing community collaboration: GitHub's Dependency review action now supports displaying and blocking PRs based on OpenSSF scorecard results https://t.co/IpdIPQBQqa
Announcing the general availability of the V3 https://t.co/7WpMoakTHL API (All your OSS transitive dependencies belong to you!). Lots of new features like batch support, purl support, querying capabilities for new things like name similarity, SLSA attestations, etc! Check it out at https://t.co/G5T6JsdTLK
Refining our notion of "critical projects" by augmenting the dependency graph with authorship information https://t.co/NNpjm7ZV0d
What other insights can we glean with dependency and git information? Let us know if you have ideas!
Tomorrow at 5pm PT! 📅
Sign up for the SLSA Bay Area meetup hosted by @Google and @github and hear @tidelift co-founder @luis_in_brief discuss Trusted Attestation and Compliance for Open Source (TACOS) 🌮
https://t.co/5B6hwrHd4O
Excited to announce the big milestone on #OSV: We have now enriched 30K vulns from NVD CVE DB and added first-class support for C/C++ ecosystem inside OSV-Scanner. Check out https://t.co/HPBRtjylD6! One-stop community DB and scanner for all your OSS vulnerability scanning needs!
Second, @Google is expanding our open source security work with the @openssf by releasing new tools to protect the overall integrity of AI supply chains. (3/3)
Sigstore for Models and Model Provenance.
https://t.co/E9ubvK1rT3
Join us for the first SLSA Bay Area meet-up on Nov 16 in SF. You'll learn about the latest news on the #slsa standard for supply-chain and how to use it to secure your SDLC and AI pipelines. Register and propose a talk https://t.co/0YKtJcrF2I
Excited to announce a new SLSA builder I've been working on with Google's Project Oak that helps enable a transparent release process in Confidential Computing!
https://t.co/BuhBZilZHU
@RBehjati
The deadline for the SCORED'23 workshop on software supply chain security is in about 2 weeks. That's enough time to put together a nice submission!
https://t.co/hfFs8OhHdj
Reminder: The call for papers/talks for the 2nd ACM SCORED workshop on SW Supply Chain security is open until June 30!
Security-in-practice talks and short research papers welcome!
Call for papers/talks: https://t.co/EDFM6YC22e
Submission site: https://t.co/owgwRCtY1Q
Each dep brings others. Understanding the supply chain is as difficult as understanding the universe. Now we have a telescope: GUAC reaches its v0.1 release. Find more on Google's security blog and come and join us in solving swaths of supply chain problems: https://t.co/0N78ek6w6t
Thanks @github for featuring @theopenssf Scorecard project on ReadME blog - "In Scorecard we trust" by @snaveen (Endor) & Brian Russell (GOSST). "If you’re looking to start improving your software supply chain security, adopting Scorecard is a great first step" https://t.co/pYbXo66kGX
Announcing OSV-Scanner: a tool that gives OSS developers easy access to vulnerability info relevant to their project using https://t.co/sjkE85WfcD DB (16 ecosystems, 39K+ vulns). Also, integrated with Scorecards vulns check to give vulns in dependencies - https://t.co/UOtRGkoOvn
Excited to welcome another builder to higher SLSA level compliance. Check out the #SLSA community blog post going into the details on how @googlecloud build can help you with SLSA L3 compliance - https://t.co/gEe1s3sjH7
Super excited to announce another milestone for SLSA: Google GCB level 3 provenance for your containers can now be verified via the open-source, community-developed https://t.co/NxPRixolXb. Check out the blog post https://t.co/xjURPREvyc! Stay tuned, more coming up soon!