New, free tool adds layer of security for the software supply chain
Read about In-toto, the open-source tool protecting the software supply chain, developed by Justin Cappos, a professor of computer science and engineering, and Santiago Torres-Arias, a former Ph.D. student at NYU Tandon, now a professor at Purdue University.
From TechXplore: "The software supply chain has long been a prime target for cyberattacks, putting servers, IoT devices, personal computers, and connected equipment from surgically embedded devices to avionics at risk of sabotage. These risks will increase dramatically with the global rollout of such new technologies as 5G telecommunications, and new tools will be required to affirm the security and authenticity of software projects. Against this backdrop, in-toto, an open-source tool developed by researchers at the NYU Tandon School of Engineering that provides an unprecedented level of assurance against such attacks, announces it has hit a significant milestone with the release of its first major version."