GUAC 1.0 Released
The GUAC project has released GUAC 1.0 with enhancements to core functionality and new experimental features.
GUAC – which stands for “Graph for Understanding Artifact Composition” – is an OpenSSF incubating project that “aggregates software security metadata into a high fidelity graph database” to provide greater insight into the software supply chain.
According to the announcement, “GUAC collects and stores SBOMs from file systems, object storage, image repositories, and code repositories. After ingesting the SBOM, GUAC parses it into a graph database, which allows the user to evaluate relationships between software packages, binaries, and container images.”
Visit the GUAC website and view the changelog for more details.
Related content
-
Trivy security scanner
The Trivy open source tool provides information on container and software security. - How to Use an SBOM
-
Security and automation with SBOMs
Already mandatory in the United States and recently approved in Europe thanks to new legislation, a software bill of materials provides information about software components, enabling IT managers to respond better to attacks and vulnerabilities. -
Building more efficient database applications with a graph database
A graph database can identify the really important relationships on a social web, find the shortest paths, and optimize visitor flows. We compare some leading open source graph database options. -
Exploring the AlmaLinux Build System
The AlmaLinux Build System lets you build, test, sign, and release packages from a single interface.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Focus On Self-Hosting
• Self-Hosted PaaS with Coolify
• Build and Host Docker Images
• Self-Hosted Pritunl VPN Server with MFA
• Self-Hosted Chat Servers
• Self-Hosted Remote Support with RustDesk
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
