Communities
Connect sessions
AI calendar
Organizations
Join Slack
Contact Sales

Terms and Conditions

Twitter GitHub LinkedIn Bluesky Youtube

© 2026 ResearchTrend.AI, All rights reserved.

Home
Papers
2208.03412
Cited By

OpenSSF Scorecard: On the Path Toward Ecosystem-wide Automated Security
Metrics

v1v2v3v4 (latest)

OpenSSF Scorecard: On the Path Toward Ecosystem-wide Automated Security Metrics

IEEE Security and Privacy (IEEE S&P), 2022

6 August 2022

Brian Hambleton

Laurie A. Williams

ArXiv (abs)PDF HTML Github (5374★)

Papers citing "OpenSSF Scorecard: On the Path Toward Ecosystem-wide Automated Security Metrics"

12 / 12 papers shown

An LLM-based Quantitative Framework for Evaluating High-Stealthy Backdoor Risks in OSS Supply Chains

An LLM-based Quantitative Framework for Evaluating High-Stealthy Backdoor Risks in OSS Supply Chains

Zhuosheng Zhang

116

0

0

17 Nov 2025

Which Is Better For Reducing Outdated and Vulnerable Dependencies: Pinning or Floating?

Which Is Better For Reducing Outdated and Vulnerable Dependencies: Pinning or Floating?

Laurie A. Williams

91

1

0

07 Oct 2025

Establishing a Baseline of Software Supply Chain Security Task Adoption by Software Organizations

Establishing a Baseline of Software Supply Chain Security Task Adoption by Software Organizations

Laurie Williams

131

0

0

09 Sep 2025

ARMS: A Vision for Actor Reputation Metric Systems in the Open-Source Software Supply Chain

ARMS: A Vision for Actor Reputation Metric Systems in the Open-Source Software Supply Chain

Kelechi G. Kalu

Santiago Torres-Arias

207

3

0

24 May 2025

LibVulnWatch: A Deep Assessment Agent System and Leaderboard for Uncovering Hidden Vulnerabilities in Open-Source AI Libraries

LibVulnWatch: A Deep Assessment Agent System and Leaderboard for Uncovering Hidden Vulnerabilities in Open-Source AI Libraries

Cristian Muñoz

Adriano Soares Koshiyama

344

2

0

13 May 2025

Assumptions to Evidence: Evaluating Security Practices Adoption and Their Impact on Outcomes in the npm Ecosystem

Assumptions to Evidence: Evaluating Security Practices Adoption and Their Impact on Outcomes in the npm Ecosystem

Laurie A. Williams

199

0

0

18 Apr 2025

Closing the Chain: How to reduce your risk of being SolarWinds, Log4j, or XZ Utils

Closing the Chain: How to reduce your risk of being SolarWinds, Log4j, or XZ Utils

Md Nazmul Haque

Laurie A. Williams

361

8

0

15 Mar 2025

Pinning Is Futile: You Need More Than Local Dependency Versioning to Defend against Supply Chain Attacks

Pinning Is Futile: You Need More Than Local Dependency Versioning to Defend against Supply Chain Attacks

Bogdan Vasilescu

158

8

0

10 Feb 2025

Six Million (Suspected) Fake Stars in GitHub: A Growing Spiral of Popularity Contests, Spams, and Malware

Six Million (Suspected) Fake Stars in GitHub: A Growing Spiral of Popularity Contests, Spams, and Malware

Philipp Burckhardt

Bogdan Vasilescu

406

6

0

18 Dec 2024

An Industry Interview Study of Software Signing for Supply Chain Security

An Industry Interview Study of Software Signing for Supply Chain Security

Kelechi G. Kalu

Santiago Torres-Arias

448

16

0

12 Jun 2024

Signing in Four Public Software Package Registries: Quantity, Quality,
and Influencing Factors

Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing FactorsIEEE Symposium on Security and Privacy (S&P), 2024

Taylor R. Schorlemmer

Kelechi G. Kalu

Eman Abdul-Muhd Abu Isghair

Santiago Torres-Arias

298

16

0

26 Jan 2024

Do Software Security Practices Yield Fewer Vulnerabilities?

Do Software Security Practices Yield Fewer Vulnerabilities?

Laurie A. Williams

285

25

0

20 Oct 2022

Page 1 of 1