OpenSSF Scorecard: On the Path Toward Ecosystem-wide Automated Security
Metrics

v1v2v3v4 (latest)

OpenSSF Scorecard: On the Path Toward Ecosystem-wide Automated Security Metrics

6 August 2022

Brian Hambleton

Laurie A. Williams

ArXiv (abs)PDF HTML

Papers citing "OpenSSF Scorecard: On the Path Toward Ecosystem-wide Automated Security Metrics"

8 / 8 papers shown

Title
ARMS: A Vision for Actor Reputation Metric Systems in the Open-Source Software Supply Chain Kelechi G. Kalu Sofia Okorafor Betül Durak Kim Laine R. C. Moreno Santiago Torres-Arias James C. Davis 30 0 0 24 May 2025
LibVulnWatch: A Deep Assessment Agent System and Leaderboard for Uncovering Hidden Vulnerabilities in Open-Source AI Libraries Zekun Wu Seonglae Cho U. Mohammed Cristian Muñoz Kleyton Costa Xin Guan Theo King Ze Wang Emre Kazim Adriano Soares Koshiyama ELM 95 0 0 13 May 2025
Prioritizing Security Practice Adoption: Empirical Insights on Software Security Outcomes in the npm Ecosystem Nusrat Zahan Laurie A. Williams 59 0 0 18 Apr 2025
Closing the Chain: How to reduce your risk of being SolarWinds, Log4j, or XZ Utils Sivana Hamer Jacob Bowen Md Nazmul Haque Robert Hines Chris Madden Laurie A. Williams 174 2 0 15 Mar 2025
4.5 Million (Suspected) Fake Stars in GitHub: A Growing Spiral of Popularity Contests, Scams, and Malware Hao He Haoqin Yang Philipp Burckhardt A. Kapravelos Bogdan Vasilescu Christian Kastner 194 4 0 18 Dec 2024
An Industry Interview Study of Software Signing for Supply Chain Security Kelechi G. Kalu Tanya Singla C. Okafor Santiago Torres-Arias James C. Davis 113 7 0 12 Jun 2024
Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing Factors Taylor R. Schorlemmer Kelechi G. Kalu Luke Chigges Kyung Myung Ko Eman Abdul-Muhd Abu Isghair Saurabh Baghi Santiago Torres-Arias James C. Davis 99 11 0 26 Jan 2024
Do Software Security Practices Yield Fewer Vulnerabilities? Nusrat Zahan S. Shohan Dan Harris Laurie A. Williams 78 16 0 20 Oct 2022