I work on software security at MITRE, including leading development of Hipcheck and serving on the OmniBOR Core Team. You can find me around.
Folks at Google explain how to think about the move to memory safe languages: “the problem is new code.”
Automated supply chain risk assessment for software packages.
Reproducible identifiers & fine-grained build dependency tracking for software artifacts.