id sid tid token lemma pos security-googleblog-com-3840 1 1 Google Google NNP security-googleblog-com-3840 1 2 Online Online NNP security-googleblog-com-3840 1 3 Security Security NNP security-googleblog-com-3840 1 4 Blog Blog NNP security-googleblog-com-3840 1 5 : : : security-googleblog-com-3840 1 6 Know know VB security-googleblog-com-3840 1 7 , , , security-googleblog-com-3840 1 8 Prevent Prevent NNP security-googleblog-com-3840 1 9 , , , security-googleblog-com-3840 1 10 Fix fix NN security-googleblog-com-3840 1 11 : : : security-googleblog-com-3840 1 12 A a DT security-googleblog-com-3840 1 13 framework framework NN security-googleblog-com-3840 1 14 for for IN security-googleblog-com-3840 1 15 shifting shift VBG security-googleblog-com-3840 1 16 the the DT security-googleblog-com-3840 1 17 discussion discussion NN security-googleblog-com-3840 1 18 around around IN security-googleblog-com-3840 1 19 vulnerabilities vulnerability NNS security-googleblog-com-3840 1 20 in in IN security-googleblog-com-3840 1 21 open open JJ security-googleblog-com-3840 1 22 source source NN security-googleblog-com-3840 1 23 Security security NN security-googleblog-com-3840 1 24 Blog Blog NNP security-googleblog-com-3840 1 25 The the DT security-googleblog-com-3840 1 26 latest late JJS security-googleblog-com-3840 1 27 news news NN security-googleblog-com-3840 1 28 and and CC security-googleblog-com-3840 1 29 insights insight NNS security-googleblog-com-3840 1 30 from from IN security-googleblog-com-3840 1 31 Google Google NNP security-googleblog-com-3840 1 32 on on IN security-googleblog-com-3840 1 33 security security NN security-googleblog-com-3840 1 34 and and CC security-googleblog-com-3840 1 35 safety safety NN security-googleblog-com-3840 1 36 on on IN security-googleblog-com-3840 1 37 the the DT security-googleblog-com-3840 1 38 Internet internet NN security-googleblog-com-3840 1 39 Know Know NNP security-googleblog-com-3840 1 40 , , , security-googleblog-com-3840 1 41 Prevent Prevent NNP security-googleblog-com-3840 1 42 , , , security-googleblog-com-3840 1 43 Fix fix NN security-googleblog-com-3840 1 44 : : : security-googleblog-com-3840 1 45 A a DT security-googleblog-com-3840 1 46 framework framework NN security-googleblog-com-3840 1 47 for for IN security-googleblog-com-3840 1 48 shifting shift VBG security-googleblog-com-3840 1 49 the the DT security-googleblog-com-3840 1 50 discussion discussion NN security-googleblog-com-3840 1 51 around around IN security-googleblog-com-3840 1 52 vulnerabilities vulnerability NNS security-googleblog-com-3840 1 53 in in IN security-googleblog-com-3840 1 54 open open JJ security-googleblog-com-3840 1 55 source source NN security-googleblog-com-3840 1 56 February February NNP security-googleblog-com-3840 1 57 3 3 CD security-googleblog-com-3840 1 58 , , , security-googleblog-com-3840 1 59 2021 2021 CD security-googleblog-com-3840 1 60 Posted post VBN security-googleblog-com-3840 1 61 by by IN security-googleblog-com-3840 1 62 Eric Eric NNP security-googleblog-com-3840 1 63 Brewer Brewer NNP security-googleblog-com-3840 1 64 , , , security-googleblog-com-3840 1 65 Rob Rob NNP security-googleblog-com-3840 1 66 Pike Pike NNP security-googleblog-com-3840 1 67 , , , security-googleblog-com-3840 1 68 Abhishek Abhishek NNP security-googleblog-com-3840 1 69 Arya Arya NNP security-googleblog-com-3840 1 70 , , , security-googleblog-com-3840 1 71 Anne Anne NNP security-googleblog-com-3840 1 72 Bertucio Bertucio NNP security-googleblog-com-3840 1 73 and and CC security-googleblog-com-3840 1 74 Kim Kim NNP security-googleblog-com-3840 1 75 Lewandowski Lewandowski NNP security-googleblog-com-3840 1 76     _SP security-googleblog-com-3840 1 77 Executive Executive NNP security-googleblog-com-3840 1 78 Summary Summary NNP security-googleblog-com-3840 1 79 : : : security-googleblog-com-3840 1 80 The the DT security-googleblog-com-3840 1 81 security security NN security-googleblog-com-3840 1 82 of of IN security-googleblog-com-3840 1 83 open open JJ security-googleblog-com-3840 1 84 source source NN security-googleblog-com-3840 1 85 software software NN security-googleblog-com-3840 1 86 has have VBZ security-googleblog-com-3840 1 87 rightfully rightfully RB security-googleblog-com-3840 1 88 garnered garner VBN security-googleblog-com-3840 1 89 the the DT security-googleblog-com-3840 1 90 industry industry NN security-googleblog-com-3840 1 91 ’s ’s POS security-googleblog-com-3840 1 92 attention attention NN security-googleblog-com-3840 1 93 , , , security-googleblog-com-3840 1 94 but but CC security-googleblog-com-3840 1 95 solutions solution NNS security-googleblog-com-3840 1 96 require require VBP security-googleblog-com-3840 1 97 consensus consensus NN security-googleblog-com-3840 1 98 about about IN security-googleblog-com-3840 1 99 the the DT security-googleblog-com-3840 1 100 challenges challenge NNS security-googleblog-com-3840 1 101 and and CC security-googleblog-com-3840 1 102 cooperation cooperation NN security-googleblog-com-3840 1 103 in in IN security-googleblog-com-3840 1 104 the the DT security-googleblog-com-3840 1 105 execution execution NN security-googleblog-com-3840 1 106 . . . security-googleblog-com-3840 2 1 The the DT security-googleblog-com-3840 2 2 problem problem NN security-googleblog-com-3840 2 3 is be VBZ security-googleblog-com-3840 2 4 complex complex JJ security-googleblog-com-3840 2 5 and and CC security-googleblog-com-3840 2 6 there there EX security-googleblog-com-3840 2 7 are be VBP security-googleblog-com-3840 2 8 many many JJ security-googleblog-com-3840 2 9 facets facet NNS security-googleblog-com-3840 2 10 to to TO security-googleblog-com-3840 2 11 cover cover VB security-googleblog-com-3840 2 12 : : : security-googleblog-com-3840 2 13 supply supply NN security-googleblog-com-3840 2 14 chain chain NN security-googleblog-com-3840 2 15 , , , security-googleblog-com-3840 2 16 dependency dependency NN security-googleblog-com-3840 2 17 management management NN security-googleblog-com-3840 2 18 , , , security-googleblog-com-3840 2 19 identity identity NN security-googleblog-com-3840 2 20 , , , security-googleblog-com-3840 2 21 and and CC security-googleblog-com-3840 2 22 build build VB security-googleblog-com-3840 2 23 pipelines pipeline NNS security-googleblog-com-3840 2 24 . . . security-googleblog-com-3840 3 1 Solutions solution NNS security-googleblog-com-3840 3 2 come come VBP security-googleblog-com-3840 3 3 faster fast RBR security-googleblog-com-3840 3 4 when when WRB security-googleblog-com-3840 3 5 the the DT security-googleblog-com-3840 3 6 problem problem NN security-googleblog-com-3840 3 7 is be VBZ security-googleblog-com-3840 3 8 well well RB security-googleblog-com-3840 3 9 - - HYPH security-googleblog-com-3840 3 10 framed frame VBN security-googleblog-com-3840 3 11 ; ; : security-googleblog-com-3840 3 12 we -PRON- PRP security-googleblog-com-3840 3 13 propose propose VBP security-googleblog-com-3840 3 14 a a DT security-googleblog-com-3840 3 15 framework framework NN security-googleblog-com-3840 3 16 ( ( -LRB- security-googleblog-com-3840 3 17 “ " `` security-googleblog-com-3840 3 18 Know know VB security-googleblog-com-3840 3 19 , , , security-googleblog-com-3840 3 20 Prevent Prevent NNP security-googleblog-com-3840 3 21 , , , security-googleblog-com-3840 3 22 Fix Fix NNP security-googleblog-com-3840 3 23 ” " '' security-googleblog-com-3840 3 24 ) ) -RRB- security-googleblog-com-3840 3 25 for for IN security-googleblog-com-3840 3 26 how how WRB security-googleblog-com-3840 3 27 the the DT security-googleblog-com-3840 3 28 industry industry NN security-googleblog-com-3840 3 29 can can MD security-googleblog-com-3840 3 30 think think VB security-googleblog-com-3840 3 31 about about IN security-googleblog-com-3840 3 32 vulnerabilities vulnerability NNS security-googleblog-com-3840 3 33 in in IN security-googleblog-com-3840 3 34 open open JJ security-googleblog-com-3840 3 35 source source NN security-googleblog-com-3840 3 36 and and CC security-googleblog-com-3840 3 37 concrete concrete JJ security-googleblog-com-3840 3 38 areas area NNS security-googleblog-com-3840 3 39 to to TO security-googleblog-com-3840 3 40 address address VB security-googleblog-com-3840 3 41 first first RB security-googleblog-com-3840 3 42 , , , security-googleblog-com-3840 3 43 including include VBG security-googleblog-com-3840 3 44 : : : security-googleblog-com-3840 3 45 Consensus consensus NN security-googleblog-com-3840 3 46 on on IN security-googleblog-com-3840 3 47 metadata metadata NN security-googleblog-com-3840 3 48 and and CC security-googleblog-com-3840 3 49 identity identity NN security-googleblog-com-3840 3 50 standards standard NNS security-googleblog-com-3840 3 51 : : : security-googleblog-com-3840 3 52 We -PRON- PRP security-googleblog-com-3840 3 53 need need VBP security-googleblog-com-3840 3 54 consensus consensus NN security-googleblog-com-3840 3 55 on on IN security-googleblog-com-3840 3 56 fundamentals fundamental NNS security-googleblog-com-3840 3 57 to to TO security-googleblog-com-3840 3 58 tackle tackle VB security-googleblog-com-3840 3 59 these these DT security-googleblog-com-3840 3 60 complex complex JJ security-googleblog-com-3840 3 61 problems problem NNS security-googleblog-com-3840 3 62 as as IN security-googleblog-com-3840 3 63 an an DT security-googleblog-com-3840 3 64 industry industry NN security-googleblog-com-3840 3 65 . . . security-googleblog-com-3840 4 1 Agreements agreement NNS security-googleblog-com-3840 4 2 on on IN security-googleblog-com-3840 4 3 metadata metadata NN security-googleblog-com-3840 4 4 details detail NNS security-googleblog-com-3840 4 5 and and CC security-googleblog-com-3840 4 6 identities identity NNS security-googleblog-com-3840 4 7 will will MD security-googleblog-com-3840 4 8 enable enable VB security-googleblog-com-3840 4 9 automation automation NN security-googleblog-com-3840 4 10 , , , security-googleblog-com-3840 4 11 reduce reduce VB security-googleblog-com-3840 4 12 the the DT security-googleblog-com-3840 4 13 effort effort NN security-googleblog-com-3840 4 14 required require VBN security-googleblog-com-3840 4 15 to to TO security-googleblog-com-3840 4 16 update update VB security-googleblog-com-3840 4 17 software software NN security-googleblog-com-3840 4 18 , , , security-googleblog-com-3840 4 19 and and CC security-googleblog-com-3840 4 20 minimize minimize VB security-googleblog-com-3840 4 21 the the DT security-googleblog-com-3840 4 22 impact impact NN security-googleblog-com-3840 4 23 of of IN security-googleblog-com-3840 4 24 vulnerabilities vulnerability NNS security-googleblog-com-3840 4 25 . . . security-googleblog-com-3840 5 1 Increased increase VBN security-googleblog-com-3840 5 2 transparency transparency NN security-googleblog-com-3840 5 3 and and CC security-googleblog-com-3840 5 4 review review NN security-googleblog-com-3840 5 5 for for IN security-googleblog-com-3840 5 6 critical critical JJ security-googleblog-com-3840 5 7 software software NN security-googleblog-com-3840 5 8 : : : security-googleblog-com-3840 5 9 For for IN security-googleblog-com-3840 5 10 software software NN security-googleblog-com-3840 5 11 that that WDT security-googleblog-com-3840 5 12 is be VBZ security-googleblog-com-3840 5 13 critical critical JJ security-googleblog-com-3840 5 14 to to IN security-googleblog-com-3840 5 15 security security NN security-googleblog-com-3840 5 16 , , , security-googleblog-com-3840 5 17 we -PRON- PRP security-googleblog-com-3840 5 18 need need VBP security-googleblog-com-3840 5 19 to to TO security-googleblog-com-3840 5 20 agree agree VB security-googleblog-com-3840 5 21 on on IN security-googleblog-com-3840 5 22 development development NN security-googleblog-com-3840 5 23 processes process NNS security-googleblog-com-3840 5 24 that that WDT security-googleblog-com-3840 5 25 ensure ensure VBP security-googleblog-com-3840 5 26 sufficient sufficient JJ security-googleblog-com-3840 5 27 review review NN security-googleblog-com-3840 5 28 , , , security-googleblog-com-3840 5 29 avoid avoid VB security-googleblog-com-3840 5 30 unilateral unilateral JJ security-googleblog-com-3840 5 31 changes change NNS security-googleblog-com-3840 5 32 , , , security-googleblog-com-3840 5 33 and and CC security-googleblog-com-3840 5 34 transparently transparently RB security-googleblog-com-3840 5 35 lead lead VB security-googleblog-com-3840 5 36 to to IN security-googleblog-com-3840 5 37 well well RB security-googleblog-com-3840 5 38 - - HYPH security-googleblog-com-3840 5 39 defined define VBN security-googleblog-com-3840 5 40 , , , security-googleblog-com-3840 5 41 verifiable verifiable JJ security-googleblog-com-3840 5 42 official official JJ security-googleblog-com-3840 5 43 versions version NNS security-googleblog-com-3840 5 44 . . . security-googleblog-com-3840 6 1 The the DT security-googleblog-com-3840 6 2 following follow VBG security-googleblog-com-3840 6 3 framework framework NN security-googleblog-com-3840 6 4 and and CC security-googleblog-com-3840 6 5 goals goal NNS security-googleblog-com-3840 6 6 are be VBP security-googleblog-com-3840 6 7 proposed propose VBN security-googleblog-com-3840 6 8 with with IN security-googleblog-com-3840 6 9 the the DT security-googleblog-com-3840 6 10 intention intention NN security-googleblog-com-3840 6 11 of of IN security-googleblog-com-3840 6 12 sparking spark VBG security-googleblog-com-3840 6 13 industry industry NN security-googleblog-com-3840 6 14 - - HYPH security-googleblog-com-3840 6 15 wide wide JJ security-googleblog-com-3840 6 16 discussion discussion NN security-googleblog-com-3840 6 17 and and CC security-googleblog-com-3840 6 18 progress progress NN security-googleblog-com-3840 6 19 on on IN security-googleblog-com-3840 6 20 the the DT security-googleblog-com-3840 6 21 security security NN security-googleblog-com-3840 6 22 of of IN security-googleblog-com-3840 6 23 open open JJ security-googleblog-com-3840 6 24 source source NN security-googleblog-com-3840 6 25 software software NN security-googleblog-com-3840 6 26 . . . security-googleblog-com-3840 7 1 Due due IN security-googleblog-com-3840 7 2 to to IN security-googleblog-com-3840 7 3 recent recent JJ security-googleblog-com-3840 7 4 events event NNS security-googleblog-com-3840 7 5 , , , security-googleblog-com-3840 7 6 the the DT security-googleblog-com-3840 7 7 software software NN security-googleblog-com-3840 7 8 world world NN security-googleblog-com-3840 7 9 gained gain VBD security-googleblog-com-3840 7 10 a a DT security-googleblog-com-3840 7 11 deeper deep JJR security-googleblog-com-3840 7 12 understanding understanding NN security-googleblog-com-3840 7 13 about about IN security-googleblog-com-3840 7 14 the the DT security-googleblog-com-3840 7 15 real real JJ security-googleblog-com-3840 7 16 risk risk NN security-googleblog-com-3840 7 17 of of IN security-googleblog-com-3840 7 18 supply supply NN security-googleblog-com-3840 7 19 - - HYPH security-googleblog-com-3840 7 20 chain chain NN security-googleblog-com-3840 7 21 attacks attack NNS security-googleblog-com-3840 7 22 . . . security-googleblog-com-3840 8 1 Open open JJ security-googleblog-com-3840 8 2 source source NN security-googleblog-com-3840 8 3 software software NN security-googleblog-com-3840 8 4 should should MD security-googleblog-com-3840 8 5 be be VB security-googleblog-com-3840 8 6 less less RBR security-googleblog-com-3840 8 7 risky risky JJ security-googleblog-com-3840 8 8 on on IN security-googleblog-com-3840 8 9 the the DT security-googleblog-com-3840 8 10 security security NN security-googleblog-com-3840 8 11 front front NN security-googleblog-com-3840 8 12 , , , security-googleblog-com-3840 8 13 as as IN security-googleblog-com-3840 8 14 all all DT security-googleblog-com-3840 8 15 of of IN security-googleblog-com-3840 8 16 the the DT security-googleblog-com-3840 8 17 code code NN security-googleblog-com-3840 8 18 and and CC security-googleblog-com-3840 8 19 dependencies dependency NNS security-googleblog-com-3840 8 20 are be VBP security-googleblog-com-3840 8 21 in in IN security-googleblog-com-3840 8 22 the the DT security-googleblog-com-3840 8 23 open open JJ security-googleblog-com-3840 8 24 and and CC security-googleblog-com-3840 8 25 available available JJ security-googleblog-com-3840 8 26 for for IN security-googleblog-com-3840 8 27 inspection inspection NN security-googleblog-com-3840 8 28 and and CC security-googleblog-com-3840 8 29 verification verification NN security-googleblog-com-3840 8 30 . . . security-googleblog-com-3840 9 1 And and CC security-googleblog-com-3840 9 2 while while IN security-googleblog-com-3840 9 3 that that DT security-googleblog-com-3840 9 4 is be VBZ security-googleblog-com-3840 9 5 generally generally RB security-googleblog-com-3840 9 6 true true JJ security-googleblog-com-3840 9 7 , , , security-googleblog-com-3840 9 8 it -PRON- PRP security-googleblog-com-3840 9 9 assumes assume VBZ security-googleblog-com-3840 9 10 people people NNS security-googleblog-com-3840 9 11 are be VBP security-googleblog-com-3840 9 12 actually actually RB security-googleblog-com-3840 9 13 looking look VBG security-googleblog-com-3840 9 14 . . . security-googleblog-com-3840 10 1 With with IN security-googleblog-com-3840 10 2 so so RB security-googleblog-com-3840 10 3 many many JJ security-googleblog-com-3840 10 4 dependencies dependency NNS security-googleblog-com-3840 10 5 , , , security-googleblog-com-3840 10 6 it -PRON- PRP security-googleblog-com-3840 10 7 is be VBZ security-googleblog-com-3840 10 8 impractical impractical JJ security-googleblog-com-3840 10 9 to to TO security-googleblog-com-3840 10 10 monitor monitor VB security-googleblog-com-3840 10 11 them -PRON- PRP security-googleblog-com-3840 10 12 all all DT security-googleblog-com-3840 10 13 , , , security-googleblog-com-3840 10 14 and and CC security-googleblog-com-3840 10 15 many many JJ security-googleblog-com-3840 10 16 open open JJ security-googleblog-com-3840 10 17 source source NN security-googleblog-com-3840 10 18 packages package NNS security-googleblog-com-3840 10 19 are be VBP security-googleblog-com-3840 10 20 not not RB security-googleblog-com-3840 10 21 well well RB security-googleblog-com-3840 10 22 maintained maintain VBN security-googleblog-com-3840 10 23 . . . security-googleblog-com-3840 11 1 It -PRON- PRP security-googleblog-com-3840 11 2 is be VBZ security-googleblog-com-3840 11 3 common common JJ security-googleblog-com-3840 11 4 for for IN security-googleblog-com-3840 11 5 a a DT security-googleblog-com-3840 11 6 program program NN security-googleblog-com-3840 11 7 to to TO security-googleblog-com-3840 11 8 depend depend VB security-googleblog-com-3840 11 9 , , , security-googleblog-com-3840 11 10 directly directly RB security-googleblog-com-3840 11 11 or or CC security-googleblog-com-3840 11 12 indirectly indirectly RB security-googleblog-com-3840 11 13 , , , security-googleblog-com-3840 11 14 on on IN security-googleblog-com-3840 11 15 thousands thousand NNS security-googleblog-com-3840 11 16 of of IN security-googleblog-com-3840 11 17 packages package NNS security-googleblog-com-3840 11 18 and and CC security-googleblog-com-3840 11 19 libraries library NNS security-googleblog-com-3840 11 20 . . . security-googleblog-com-3840 12 1 For for IN security-googleblog-com-3840 12 2 example example NN security-googleblog-com-3840 12 3 , , , security-googleblog-com-3840 12 4 Kubernetes Kubernetes NNPS security-googleblog-com-3840 12 5 now now RB security-googleblog-com-3840 12 6 depends depend VBZ security-googleblog-com-3840 12 7 on on IN security-googleblog-com-3840 12 8 about about RB security-googleblog-com-3840 12 9 1,000 1,000 CD security-googleblog-com-3840 12 10 packages package NNS security-googleblog-com-3840 12 11 . . . security-googleblog-com-3840 13 1 Open open JJ security-googleblog-com-3840 13 2 source source NN security-googleblog-com-3840 13 3 likely likely RB security-googleblog-com-3840 13 4 makes make VBZ security-googleblog-com-3840 13 5 more more JJR security-googleblog-com-3840 13 6 use use NN security-googleblog-com-3840 13 7 of of IN security-googleblog-com-3840 13 8 dependencies dependency NNS security-googleblog-com-3840 13 9 than than IN security-googleblog-com-3840 13 10 closed close VBN security-googleblog-com-3840 13 11 source source NN security-googleblog-com-3840 13 12 , , , security-googleblog-com-3840 13 13 and and CC security-googleblog-com-3840 13 14 from from IN security-googleblog-com-3840 13 15 a a DT security-googleblog-com-3840 13 16 wider wide JJR security-googleblog-com-3840 13 17 range range NN security-googleblog-com-3840 13 18 of of IN security-googleblog-com-3840 13 19 suppliers supplier NNS security-googleblog-com-3840 13 20 ; ; : security-googleblog-com-3840 13 21 the the DT security-googleblog-com-3840 13 22 number number NN security-googleblog-com-3840 13 23 of of IN security-googleblog-com-3840 13 24 distinct distinct JJ security-googleblog-com-3840 13 25 entities entity NNS security-googleblog-com-3840 13 26 that that WDT security-googleblog-com-3840 13 27 need need VBP security-googleblog-com-3840 13 28 to to TO security-googleblog-com-3840 13 29 be be VB security-googleblog-com-3840 13 30 trusted trust VBN security-googleblog-com-3840 13 31 can can MD security-googleblog-com-3840 13 32 be be VB security-googleblog-com-3840 13 33 very very RB security-googleblog-com-3840 13 34 high high JJ security-googleblog-com-3840 13 35 . . . security-googleblog-com-3840 14 1 This this DT security-googleblog-com-3840 14 2 makes make VBZ security-googleblog-com-3840 14 3 it -PRON- PRP security-googleblog-com-3840 14 4 extremely extremely RB security-googleblog-com-3840 14 5 difficult difficult JJ security-googleblog-com-3840 14 6 to to TO security-googleblog-com-3840 14 7 understand understand VB security-googleblog-com-3840 14 8 how how WRB security-googleblog-com-3840 14 9 open open JJ security-googleblog-com-3840 14 10 source source NN security-googleblog-com-3840 14 11 is be VBZ security-googleblog-com-3840 14 12 used use VBN security-googleblog-com-3840 14 13 in in IN security-googleblog-com-3840 14 14 products product NNS security-googleblog-com-3840 14 15 and and CC security-googleblog-com-3840 14 16 what what WDT security-googleblog-com-3840 14 17 vulnerabilities vulnerability NNS security-googleblog-com-3840 14 18 might may MD security-googleblog-com-3840 14 19 be be VB security-googleblog-com-3840 14 20 relevant relevant JJ security-googleblog-com-3840 14 21 . . . security-googleblog-com-3840 15 1 There there EX security-googleblog-com-3840 15 2 is be VBZ security-googleblog-com-3840 15 3 also also RB security-googleblog-com-3840 15 4 no no DT security-googleblog-com-3840 15 5 assurance assurance NN security-googleblog-com-3840 15 6 that that IN security-googleblog-com-3840 15 7 what what WP security-googleblog-com-3840 15 8 is be VBZ security-googleblog-com-3840 15 9 built build VBN security-googleblog-com-3840 15 10 matches match NNS security-googleblog-com-3840 15 11 the the DT security-googleblog-com-3840 15 12 source source NN security-googleblog-com-3840 15 13 code code NN security-googleblog-com-3840 15 14 . . . security-googleblog-com-3840 16 1 Taking take VBG security-googleblog-com-3840 16 2 a a DT security-googleblog-com-3840 16 3 step step NN security-googleblog-com-3840 16 4 back back RB security-googleblog-com-3840 16 5 , , , security-googleblog-com-3840 16 6 although although IN security-googleblog-com-3840 16 7 supply supply NN security-googleblog-com-3840 16 8 - - HYPH security-googleblog-com-3840 16 9 chain chain NN security-googleblog-com-3840 16 10 attacks attack NNS security-googleblog-com-3840 16 11 are be VBP security-googleblog-com-3840 16 12 a a DT security-googleblog-com-3840 16 13 risk risk NN security-googleblog-com-3840 16 14 , , , security-googleblog-com-3840 16 15 the the DT security-googleblog-com-3840 16 16 vast vast JJ security-googleblog-com-3840 16 17 majority majority NN security-googleblog-com-3840 16 18 of of IN security-googleblog-com-3840 16 19 vulnerabilities vulnerability NNS security-googleblog-com-3840 16 20 are be VBP security-googleblog-com-3840 16 21 mundane mundane JJ security-googleblog-com-3840 16 22 and and CC security-googleblog-com-3840 16 23 unintentional unintentional JJ security-googleblog-com-3840 16 24 — — : security-googleblog-com-3840 16 25 honest honest JJ security-googleblog-com-3840 16 26 errors error NNS security-googleblog-com-3840 16 27 made make VBN security-googleblog-com-3840 16 28 by by IN security-googleblog-com-3840 16 29 well well RB security-googleblog-com-3840 16 30 - - HYPH security-googleblog-com-3840 16 31 intentioned intentione VBN security-googleblog-com-3840 16 32 developers developer NNS security-googleblog-com-3840 16 33 . . . security-googleblog-com-3840 17 1 Furthermore furthermore RB security-googleblog-com-3840 17 2 , , , security-googleblog-com-3840 17 3 bad bad JJ security-googleblog-com-3840 17 4 actors actor NNS security-googleblog-com-3840 17 5 are be VBP security-googleblog-com-3840 17 6 more more RBR security-googleblog-com-3840 17 7 likely likely JJ security-googleblog-com-3840 17 8 to to TO security-googleblog-com-3840 17 9 exploit exploit VB security-googleblog-com-3840 17 10 known known JJ security-googleblog-com-3840 17 11 vulnerabilities vulnerability NNS security-googleblog-com-3840 17 12 than than IN security-googleblog-com-3840 17 13 to to TO security-googleblog-com-3840 17 14 find find VB security-googleblog-com-3840 17 15 their -PRON- PRP$ security-googleblog-com-3840 17 16 own own JJ security-googleblog-com-3840 17 17 : : : security-googleblog-com-3840 17 18 it -PRON- PRP security-googleblog-com-3840 17 19 ’s ’ VBZ security-googleblog-com-3840 17 20 just just RB security-googleblog-com-3840 17 21 easier easy JJR security-googleblog-com-3840 17 22 . . . security-googleblog-com-3840 18 1 As as IN security-googleblog-com-3840 18 2 such such JJ security-googleblog-com-3840 18 3 , , , security-googleblog-com-3840 18 4 we -PRON- PRP security-googleblog-com-3840 18 5 must must MD security-googleblog-com-3840 18 6 focus focus VB security-googleblog-com-3840 18 7 on on IN security-googleblog-com-3840 18 8 making make VBG security-googleblog-com-3840 18 9 fundamental fundamental JJ security-googleblog-com-3840 18 10 changes change NNS security-googleblog-com-3840 18 11 to to TO security-googleblog-com-3840 18 12 address address VB security-googleblog-com-3840 18 13 the the DT security-googleblog-com-3840 18 14 majority majority NN security-googleblog-com-3840 18 15 of of IN security-googleblog-com-3840 18 16 vulnerabilities vulnerability NNS security-googleblog-com-3840 18 17 , , , security-googleblog-com-3840 18 18 as as IN security-googleblog-com-3840 18 19 doing do VBG security-googleblog-com-3840 18 20 so so RB security-googleblog-com-3840 18 21 will will MD security-googleblog-com-3840 18 22 move move VB security-googleblog-com-3840 18 23 the the DT security-googleblog-com-3840 18 24 entire entire JJ security-googleblog-com-3840 18 25 industry industry NN security-googleblog-com-3840 18 26 far far RB security-googleblog-com-3840 18 27 along along RB security-googleblog-com-3840 18 28 in in IN security-googleblog-com-3840 18 29 addressing address VBG security-googleblog-com-3840 18 30 the the DT security-googleblog-com-3840 18 31 complex complex JJ security-googleblog-com-3840 18 32 cases case NNS security-googleblog-com-3840 18 33 as as RB security-googleblog-com-3840 18 34 well well RB security-googleblog-com-3840 18 35 , , , security-googleblog-com-3840 18 36 including include VBG security-googleblog-com-3840 18 37 supply supply NN security-googleblog-com-3840 18 38 - - HYPH security-googleblog-com-3840 18 39 chain chain NN security-googleblog-com-3840 18 40 attacks attack NNS security-googleblog-com-3840 18 41 . . . security-googleblog-com-3840 19 1 Few few JJ security-googleblog-com-3840 19 2 organizations organization NNS security-googleblog-com-3840 19 3 can can MD security-googleblog-com-3840 19 4 verify verify VB security-googleblog-com-3840 19 5 all all DT security-googleblog-com-3840 19 6 of of IN security-googleblog-com-3840 19 7 the the DT security-googleblog-com-3840 19 8 packages package NNS security-googleblog-com-3840 19 9 they -PRON- PRP security-googleblog-com-3840 19 10 use use VBP security-googleblog-com-3840 19 11 , , , security-googleblog-com-3840 19 12 let let VB security-googleblog-com-3840 19 13 alone alone RB security-googleblog-com-3840 19 14 all all DT security-googleblog-com-3840 19 15 of of IN security-googleblog-com-3840 19 16 the the DT security-googleblog-com-3840 19 17 updates update NNS security-googleblog-com-3840 19 18 to to IN security-googleblog-com-3840 19 19 those those DT security-googleblog-com-3840 19 20 packages package NNS security-googleblog-com-3840 19 21 . . . security-googleblog-com-3840 20 1 In in IN security-googleblog-com-3840 20 2 the the DT security-googleblog-com-3840 20 3 current current JJ security-googleblog-com-3840 20 4 landscape landscape NN security-googleblog-com-3840 20 5 , , , security-googleblog-com-3840 20 6 tracking track VBG security-googleblog-com-3840 20 7 these these DT security-googleblog-com-3840 20 8 packages package NNS security-googleblog-com-3840 20 9 takes take VBZ security-googleblog-com-3840 20 10 a a DT security-googleblog-com-3840 20 11 non non JJ security-googleblog-com-3840 20 12 - - JJ security-googleblog-com-3840 20 13 trivial trivial JJ security-googleblog-com-3840 20 14 amount amount NN security-googleblog-com-3840 20 15 of of IN security-googleblog-com-3840 20 16 infrastructure infrastructure NN security-googleblog-com-3840 20 17 , , , security-googleblog-com-3840 20 18 and and CC security-googleblog-com-3840 20 19 significant significant JJ security-googleblog-com-3840 20 20 manual manual JJ security-googleblog-com-3840 20 21 effort effort NN security-googleblog-com-3840 20 22 . . . security-googleblog-com-3840 21 1 At at IN security-googleblog-com-3840 21 2 Google Google NNP security-googleblog-com-3840 21 3 , , , security-googleblog-com-3840 21 4 we -PRON- PRP security-googleblog-com-3840 21 5 have have VBP security-googleblog-com-3840 21 6 those those DT security-googleblog-com-3840 21 7 resources resource NNS security-googleblog-com-3840 21 8 and and CC security-googleblog-com-3840 21 9 go go VB security-googleblog-com-3840 21 10 to to IN security-googleblog-com-3840 21 11 extraordinary extraordinary JJ security-googleblog-com-3840 21 12 lengths length NNS security-googleblog-com-3840 21 13 to to TO security-googleblog-com-3840 21 14 manage manage VB security-googleblog-com-3840 21 15 the the DT security-googleblog-com-3840 21 16 open open JJ security-googleblog-com-3840 21 17 source source NN security-googleblog-com-3840 21 18 packages package NNS security-googleblog-com-3840 21 19 we -PRON- PRP security-googleblog-com-3840 21 20 use use VBP security-googleblog-com-3840 21 21 — — : security-googleblog-com-3840 21 22 including include VBG security-googleblog-com-3840 21 23 keeping keep VBG security-googleblog-com-3840 21 24 a a DT security-googleblog-com-3840 21 25 private private JJ security-googleblog-com-3840 21 26 repo repo NN security-googleblog-com-3840 21 27 of of IN security-googleblog-com-3840 21 28 all all DT security-googleblog-com-3840 21 29 open open JJ security-googleblog-com-3840 21 30 source source NN security-googleblog-com-3840 21 31 packages package NNS security-googleblog-com-3840 21 32 we -PRON- PRP security-googleblog-com-3840 21 33 use use VBP security-googleblog-com-3840 21 34 internally internally RB security-googleblog-com-3840 21 35 — — : security-googleblog-com-3840 21 36 and and CC security-googleblog-com-3840 21 37 it -PRON- PRP security-googleblog-com-3840 21 38 is be VBZ security-googleblog-com-3840 21 39 still still RB security-googleblog-com-3840 21 40 challenging challenge VBG security-googleblog-com-3840 21 41 to to TO security-googleblog-com-3840 21 42 track track VB security-googleblog-com-3840 21 43 all all DT security-googleblog-com-3840 21 44 of of IN security-googleblog-com-3840 21 45 the the DT security-googleblog-com-3840 21 46 updates update NNS security-googleblog-com-3840 21 47 . . . security-googleblog-com-3840 22 1 The the DT security-googleblog-com-3840 22 2 sheer sheer JJ security-googleblog-com-3840 22 3 flow flow NN security-googleblog-com-3840 22 4 of of IN security-googleblog-com-3840 22 5 updates update NNS security-googleblog-com-3840 22 6 is be VBZ security-googleblog-com-3840 22 7 daunting daunt VBG security-googleblog-com-3840 22 8 . . . security-googleblog-com-3840 23 1 A a DT security-googleblog-com-3840 23 2 core core JJ security-googleblog-com-3840 23 3 part part NN security-googleblog-com-3840 23 4 of of IN security-googleblog-com-3840 23 5 any any DT security-googleblog-com-3840 23 6 solution solution NN security-googleblog-com-3840 23 7 will will MD security-googleblog-com-3840 23 8 be be VB security-googleblog-com-3840 23 9 more more JJR security-googleblog-com-3840 23 10 automation automation NN security-googleblog-com-3840 23 11 , , , security-googleblog-com-3840 23 12 and and CC security-googleblog-com-3840 23 13 this this DT security-googleblog-com-3840 23 14 will will MD security-googleblog-com-3840 23 15 be be VB security-googleblog-com-3840 23 16 a a DT security-googleblog-com-3840 23 17 key key JJ security-googleblog-com-3840 23 18 theme theme NN security-googleblog-com-3840 23 19 for for IN security-googleblog-com-3840 23 20 our -PRON- PRP$ security-googleblog-com-3840 23 21 open open JJ security-googleblog-com-3840 23 22 source source NN security-googleblog-com-3840 23 23 security security NN security-googleblog-com-3840 23 24 work work NN security-googleblog-com-3840 23 25 in in IN security-googleblog-com-3840 23 26 2021 2021 CD security-googleblog-com-3840 23 27 and and CC security-googleblog-com-3840 23 28 beyond beyond IN security-googleblog-com-3840 23 29 . . . security-googleblog-com-3840 24 1 Because because IN security-googleblog-com-3840 24 2 this this DT security-googleblog-com-3840 24 3 is be VBZ security-googleblog-com-3840 24 4 a a DT security-googleblog-com-3840 24 5 complex complex JJ security-googleblog-com-3840 24 6 problem problem NN security-googleblog-com-3840 24 7 that that WDT security-googleblog-com-3840 24 8 needs need VBZ security-googleblog-com-3840 24 9 industry industry NN security-googleblog-com-3840 24 10 cooperation cooperation NN security-googleblog-com-3840 24 11 , , , security-googleblog-com-3840 24 12 our -PRON- PRP$ security-googleblog-com-3840 24 13 purpose purpose NN security-googleblog-com-3840 24 14 here here RB security-googleblog-com-3840 24 15 is be VBZ security-googleblog-com-3840 24 16 to to TO security-googleblog-com-3840 24 17 focus focus VB security-googleblog-com-3840 24 18 the the DT security-googleblog-com-3840 24 19 conversation conversation NN security-googleblog-com-3840 24 20 around around IN security-googleblog-com-3840 24 21 concrete concrete JJ security-googleblog-com-3840 24 22 goals goal NNS security-googleblog-com-3840 24 23 . . . security-googleblog-com-3840 25 1 Google Google NNP security-googleblog-com-3840 25 2 co co VBD security-googleblog-com-3840 25 3 - - VBD security-googleblog-com-3840 25 4 founded found VBD security-googleblog-com-3840 25 5 the the DT security-googleblog-com-3840 25 6 OpenSSF OpenSSF NNPS security-googleblog-com-3840 25 7 to to TO security-googleblog-com-3840 25 8 be be VB security-googleblog-com-3840 25 9 a a DT security-googleblog-com-3840 25 10 focal focal JJ security-googleblog-com-3840 25 11 point point NN security-googleblog-com-3840 25 12 for for IN security-googleblog-com-3840 25 13 this this DT security-googleblog-com-3840 25 14 collaboration collaboration NN security-googleblog-com-3840 25 15 , , , security-googleblog-com-3840 25 16 but but CC security-googleblog-com-3840 25 17 to to TO security-googleblog-com-3840 25 18 make make VB security-googleblog-com-3840 25 19 progress progress NN security-googleblog-com-3840 25 20 , , , security-googleblog-com-3840 25 21 we -PRON- PRP security-googleblog-com-3840 25 22 need need VBP security-googleblog-com-3840 25 23 participation participation NN security-googleblog-com-3840 25 24 across across IN security-googleblog-com-3840 25 25 the the DT security-googleblog-com-3840 25 26 industry industry NN security-googleblog-com-3840 25 27 , , , security-googleblog-com-3840 25 28 and and CC security-googleblog-com-3840 25 29 agreement agreement NN security-googleblog-com-3840 25 30 on on IN security-googleblog-com-3840 25 31 what what WP security-googleblog-com-3840 25 32 the the DT security-googleblog-com-3840 25 33 problems problem NNS security-googleblog-com-3840 25 34 are be VBP security-googleblog-com-3840 25 35 and and CC security-googleblog-com-3840 25 36 how how WRB security-googleblog-com-3840 25 37 we -PRON- PRP security-googleblog-com-3840 25 38 might may MD security-googleblog-com-3840 25 39 address address VB security-googleblog-com-3840 25 40 them -PRON- PRP security-googleblog-com-3840 25 41 . . . security-googleblog-com-3840 26 1 To to TO security-googleblog-com-3840 26 2 get get VB security-googleblog-com-3840 26 3 the the DT security-googleblog-com-3840 26 4 discussion discussion NN security-googleblog-com-3840 26 5 started start VBD security-googleblog-com-3840 26 6 , , , security-googleblog-com-3840 26 7 we -PRON- PRP security-googleblog-com-3840 26 8 present present VBP security-googleblog-com-3840 26 9 one one CD security-googleblog-com-3840 26 10 way way NN security-googleblog-com-3840 26 11 to to TO security-googleblog-com-3840 26 12 frame frame VB security-googleblog-com-3840 26 13 this this DT security-googleblog-com-3840 26 14 problem problem NN security-googleblog-com-3840 26 15 , , , security-googleblog-com-3840 26 16 and and CC security-googleblog-com-3840 26 17 a a DT security-googleblog-com-3840 26 18 set set NN security-googleblog-com-3840 26 19 of of IN security-googleblog-com-3840 26 20 concrete concrete JJ security-googleblog-com-3840 26 21 goals goal NNS security-googleblog-com-3840 26 22 that that WDT security-googleblog-com-3840 26 23 we -PRON- PRP security-googleblog-com-3840 26 24 hope hope VBP security-googleblog-com-3840 26 25 will will MD security-googleblog-com-3840 26 26 accelerate accelerate VB security-googleblog-com-3840 26 27 industry industry NN security-googleblog-com-3840 26 28 - - HYPH security-googleblog-com-3840 26 29 wide wide JJ security-googleblog-com-3840 26 30 solutions solution NNS security-googleblog-com-3840 26 31 . . . security-googleblog-com-3840 27 1 We -PRON- PRP security-googleblog-com-3840 27 2 suggest suggest VBP security-googleblog-com-3840 27 3 framing frame VBG security-googleblog-com-3840 27 4 the the DT security-googleblog-com-3840 27 5 challenge challenge NN security-googleblog-com-3840 27 6 as as IN security-googleblog-com-3840 27 7 three three CD security-googleblog-com-3840 27 8 largely largely RB security-googleblog-com-3840 27 9 independent independent JJ security-googleblog-com-3840 27 10 problem problem NN security-googleblog-com-3840 27 11 areas area NNS security-googleblog-com-3840 27 12 , , , security-googleblog-com-3840 27 13 each each DT security-googleblog-com-3840 27 14 with with IN security-googleblog-com-3840 27 15 concrete concrete JJ security-googleblog-com-3840 27 16 objectives objective NNS security-googleblog-com-3840 27 17 : : : security-googleblog-com-3840 27 18 Know know VB security-googleblog-com-3840 27 19 about about IN security-googleblog-com-3840 27 20 the the DT security-googleblog-com-3840 27 21 vulnerabilities vulnerability NNS security-googleblog-com-3840 27 22 in in IN security-googleblog-com-3840 27 23 your -PRON- PRP$ security-googleblog-com-3840 27 24 software software NN security-googleblog-com-3840 27 25 Prevent prevent VB security-googleblog-com-3840 27 26 the the DT security-googleblog-com-3840 27 27 addition addition NN security-googleblog-com-3840 27 28 of of IN security-googleblog-com-3840 27 29 new new JJ security-googleblog-com-3840 27 30 vulnerabilities vulnerability NNS security-googleblog-com-3840 27 31 , , , security-googleblog-com-3840 27 32 and and CC security-googleblog-com-3840 27 33 Fix fix VB security-googleblog-com-3840 27 34 or or CC security-googleblog-com-3840 27 35 remove remove VB security-googleblog-com-3840 27 36 vulnerabilities vulnerability NNS security-googleblog-com-3840 27 37 . . . security-googleblog-com-3840 28 1 A a DT security-googleblog-com-3840 28 2 related related JJ security-googleblog-com-3840 28 3 but but CC security-googleblog-com-3840 28 4 separate separate JJ security-googleblog-com-3840 28 5 problem problem NN security-googleblog-com-3840 28 6 , , , security-googleblog-com-3840 28 7 which which WDT security-googleblog-com-3840 28 8 is be VBZ security-googleblog-com-3840 28 9 critical critical JJ security-googleblog-com-3840 28 10 to to IN security-googleblog-com-3840 28 11 securing secure VBG security-googleblog-com-3840 28 12 the the DT security-googleblog-com-3840 28 13 supply supply NN security-googleblog-com-3840 28 14 chain chain NN security-googleblog-com-3840 28 15 , , , security-googleblog-com-3840 28 16 is be VBZ security-googleblog-com-3840 28 17 improving improve VBG security-googleblog-com-3840 28 18 the the DT security-googleblog-com-3840 28 19 security security NN security-googleblog-com-3840 28 20 of of IN security-googleblog-com-3840 28 21 the the DT security-googleblog-com-3840 28 22 development development NN security-googleblog-com-3840 28 23 process process NN security-googleblog-com-3840 28 24 . . . security-googleblog-com-3840 29 1 We -PRON- PRP security-googleblog-com-3840 29 2 ’ve have VB security-googleblog-com-3840 29 3 outlined outline VBN security-googleblog-com-3840 29 4 the the DT security-googleblog-com-3840 29 5 challenges challenge NNS security-googleblog-com-3840 29 6 of of IN security-googleblog-com-3840 29 7 this this DT security-googleblog-com-3840 29 8 problem problem NN security-googleblog-com-3840 29 9 and and CC security-googleblog-com-3840 29 10 proposed propose VBN security-googleblog-com-3840 29 11 goals goal NNS security-googleblog-com-3840 29 12 in in IN security-googleblog-com-3840 29 13 the the DT security-googleblog-com-3840 29 14 fourth fourth JJ security-googleblog-com-3840 29 15 section section NN security-googleblog-com-3840 29 16 , , , security-googleblog-com-3840 29 17 Prevention Prevention NNP security-googleblog-com-3840 29 18 for for IN security-googleblog-com-3840 29 19 Critical Critical NNP security-googleblog-com-3840 29 20 Software Software NNP security-googleblog-com-3840 29 21 . . . security-googleblog-com-3840 30 1 Know know VB security-googleblog-com-3840 30 2 your -PRON- PRP$ security-googleblog-com-3840 30 3 Vulnerabilities vulnerability NNS security-googleblog-com-3840 30 4 Knowing know VBG security-googleblog-com-3840 30 5 your -PRON- PRP$ security-googleblog-com-3840 30 6 vulnerabilities vulnerability NNS security-googleblog-com-3840 30 7 is be VBZ security-googleblog-com-3840 30 8 harder hard JJR security-googleblog-com-3840 30 9 than than IN security-googleblog-com-3840 30 10 expected expect VBN security-googleblog-com-3840 30 11 for for IN security-googleblog-com-3840 30 12 many many JJ security-googleblog-com-3840 30 13 reasons reason NNS security-googleblog-com-3840 30 14 . . . security-googleblog-com-3840 31 1 Although although IN security-googleblog-com-3840 31 2 there there EX security-googleblog-com-3840 31 3 are be VBP security-googleblog-com-3840 31 4 mechanisms mechanism NNS security-googleblog-com-3840 31 5 for for IN security-googleblog-com-3840 31 6 reporting reporting NN security-googleblog-com-3840 31 7 vulnerabilities vulnerability NNS security-googleblog-com-3840 31 8 , , , security-googleblog-com-3840 31 9 it -PRON- PRP security-googleblog-com-3840 31 10 is be VBZ security-googleblog-com-3840 31 11 hard hard JJ security-googleblog-com-3840 31 12 to to TO security-googleblog-com-3840 31 13 know know VB security-googleblog-com-3840 31 14 if if IN security-googleblog-com-3840 31 15 they -PRON- PRP security-googleblog-com-3840 31 16 actually actually RB security-googleblog-com-3840 31 17 affect affect VBP security-googleblog-com-3840 31 18 the the DT security-googleblog-com-3840 31 19 specific specific JJ security-googleblog-com-3840 31 20 versions version NNS security-googleblog-com-3840 31 21 of of IN security-googleblog-com-3840 31 22 software software NN security-googleblog-com-3840 31 23 you -PRON- PRP security-googleblog-com-3840 31 24 are be VBP security-googleblog-com-3840 31 25 using use VBG security-googleblog-com-3840 31 26 . . . security-googleblog-com-3840 32 1 Goal goal NN security-googleblog-com-3840 32 2 : : : security-googleblog-com-3840 32 3 Precise Precise NNP security-googleblog-com-3840 32 4 Vulnerability Vulnerability NNP security-googleblog-com-3840 32 5 Data Data NNP security-googleblog-com-3840 32 6 First first RB security-googleblog-com-3840 32 7 , , , security-googleblog-com-3840 32 8 it -PRON- PRP security-googleblog-com-3840 32 9 is be VBZ security-googleblog-com-3840 32 10 crucial crucial JJ security-googleblog-com-3840 32 11 to to TO security-googleblog-com-3840 32 12 capture capture VB security-googleblog-com-3840 32 13 precise precise JJ security-googleblog-com-3840 32 14 vulnerability vulnerability NN security-googleblog-com-3840 32 15 metadata metadata NN security-googleblog-com-3840 32 16 from from IN security-googleblog-com-3840 32 17 all all DT security-googleblog-com-3840 32 18 available available JJ security-googleblog-com-3840 32 19 data data NN security-googleblog-com-3840 32 20 sources source NNS security-googleblog-com-3840 32 21 . . . security-googleblog-com-3840 33 1 For for IN security-googleblog-com-3840 33 2 example example NN security-googleblog-com-3840 33 3 , , , security-googleblog-com-3840 33 4 knowing know VBG security-googleblog-com-3840 33 5 which which WDT security-googleblog-com-3840 33 6 version version NN security-googleblog-com-3840 33 7 introduced introduce VBD security-googleblog-com-3840 33 8 a a DT security-googleblog-com-3840 33 9 vulnerability vulnerability NN security-googleblog-com-3840 33 10 helps help VBZ security-googleblog-com-3840 33 11 determine determine VB security-googleblog-com-3840 33 12 if if IN security-googleblog-com-3840 33 13 one one NN security-googleblog-com-3840 33 14 's 's POS security-googleblog-com-3840 33 15 software software NN security-googleblog-com-3840 33 16 is be VBZ security-googleblog-com-3840 33 17 affected affect VBN security-googleblog-com-3840 33 18 , , , security-googleblog-com-3840 33 19 and and CC security-googleblog-com-3840 33 20 knowing know VBG security-googleblog-com-3840 33 21 when when WRB security-googleblog-com-3840 33 22 it -PRON- PRP security-googleblog-com-3840 33 23 was be VBD security-googleblog-com-3840 33 24 fixed fix VBN security-googleblog-com-3840 33 25 results result NNS security-googleblog-com-3840 33 26 in in IN security-googleblog-com-3840 33 27 accurate accurate JJ security-googleblog-com-3840 33 28 and and CC security-googleblog-com-3840 33 29 timely timely JJ security-googleblog-com-3840 33 30 patching patching NN security-googleblog-com-3840 33 31 ( ( -LRB- security-googleblog-com-3840 33 32 and and CC security-googleblog-com-3840 33 33 a a DT security-googleblog-com-3840 33 34 reduced reduce VBN security-googleblog-com-3840 33 35 window window NN security-googleblog-com-3840 33 36 for for IN security-googleblog-com-3840 33 37 potential potential JJ security-googleblog-com-3840 33 38 exploitation exploitation NN security-googleblog-com-3840 33 39 ) ) -RRB- security-googleblog-com-3840 33 40 . . . security-googleblog-com-3840 34 1 Ideally ideally RB security-googleblog-com-3840 34 2 , , , security-googleblog-com-3840 34 3 this this DT security-googleblog-com-3840 34 4 triaging triage VBG security-googleblog-com-3840 34 5 workflow workflow NN security-googleblog-com-3840 34 6 should should MD security-googleblog-com-3840 34 7 be be VB security-googleblog-com-3840 34 8 automated automate VBN security-googleblog-com-3840 34 9 . . . security-googleblog-com-3840 35 1 Second second RB security-googleblog-com-3840 35 2 , , , security-googleblog-com-3840 35 3 most most JJS security-googleblog-com-3840 35 4 vulnerabilities vulnerability NNS security-googleblog-com-3840 35 5 are be VBP security-googleblog-com-3840 35 6 in in IN security-googleblog-com-3840 35 7 your -PRON- PRP$ security-googleblog-com-3840 35 8 dependencies dependency NNS security-googleblog-com-3840 35 9 , , , security-googleblog-com-3840 35 10 rather rather RB security-googleblog-com-3840 35 11 than than IN security-googleblog-com-3840 35 12 the the DT security-googleblog-com-3840 35 13 code code NN security-googleblog-com-3840 35 14 you -PRON- PRP security-googleblog-com-3840 35 15 write write VBP security-googleblog-com-3840 35 16 or or CC security-googleblog-com-3840 35 17 control control VBP security-googleblog-com-3840 35 18 directly directly RB security-googleblog-com-3840 35 19 . . . security-googleblog-com-3840 36 1 Thus thus RB security-googleblog-com-3840 36 2 , , , security-googleblog-com-3840 36 3 even even RB security-googleblog-com-3840 36 4 when when WRB security-googleblog-com-3840 36 5 your -PRON- PRP$ security-googleblog-com-3840 36 6 code code NN security-googleblog-com-3840 36 7 is be VBZ security-googleblog-com-3840 36 8 not not RB security-googleblog-com-3840 36 9 changing change VBG security-googleblog-com-3840 36 10 , , , security-googleblog-com-3840 36 11 there there EX security-googleblog-com-3840 36 12 can can MD security-googleblog-com-3840 36 13 be be VB security-googleblog-com-3840 36 14 a a DT security-googleblog-com-3840 36 15 constant constant JJ security-googleblog-com-3840 36 16 churn churn NN security-googleblog-com-3840 36 17 in in IN security-googleblog-com-3840 36 18 your -PRON- PRP$ security-googleblog-com-3840 36 19 vulnerabilities vulnerability NNS security-googleblog-com-3840 36 20 : : : security-googleblog-com-3840 36 21 some some DT security-googleblog-com-3840 36 22 get get VBP security-googleblog-com-3840 36 23 fixed fix VBN security-googleblog-com-3840 36 24 and and CC security-googleblog-com-3840 36 25 others other NNS security-googleblog-com-3840 36 26 get get VBP security-googleblog-com-3840 36 27 added.1 added.1 UH security-googleblog-com-3840 36 28 Goal goal NN security-googleblog-com-3840 36 29 : : : security-googleblog-com-3840 36 30 Standard Standard NNP security-googleblog-com-3840 36 31 Schema Schema NNP security-googleblog-com-3840 36 32 for for IN security-googleblog-com-3840 36 33 Vulnerability Vulnerability NNP security-googleblog-com-3840 36 34 Databases Databases NNPS security-googleblog-com-3840 36 35 Infrastructure infrastructure NN security-googleblog-com-3840 36 36 and and CC security-googleblog-com-3840 36 37 industry industry NN security-googleblog-com-3840 36 38 standards standard NNS security-googleblog-com-3840 36 39 are be VBP security-googleblog-com-3840 36 40 needed need VBN security-googleblog-com-3840 36 41 to to TO security-googleblog-com-3840 36 42 track track VB security-googleblog-com-3840 36 43 and and CC security-googleblog-com-3840 36 44 maintain maintain VB security-googleblog-com-3840 36 45 open open JJ security-googleblog-com-3840 36 46 source source NN security-googleblog-com-3840 36 47 vulnerabilities vulnerability NNS security-googleblog-com-3840 36 48 , , , security-googleblog-com-3840 36 49 understand understand VB security-googleblog-com-3840 36 50 their -PRON- PRP$ security-googleblog-com-3840 36 51 consequences consequence NNS security-googleblog-com-3840 36 52 , , , security-googleblog-com-3840 36 53 and and CC security-googleblog-com-3840 36 54 manage manage VB security-googleblog-com-3840 36 55 their -PRON- PRP$ security-googleblog-com-3840 36 56 mitigations mitigation NNS security-googleblog-com-3840 36 57 . . . security-googleblog-com-3840 37 1 A a DT security-googleblog-com-3840 37 2 standard standard JJ security-googleblog-com-3840 37 3 vulnerability vulnerability NN security-googleblog-com-3840 37 4 schema schema NN security-googleblog-com-3840 37 5 would would MD security-googleblog-com-3840 37 6 allow allow VB security-googleblog-com-3840 37 7 common common JJ security-googleblog-com-3840 37 8 tools tool NNS security-googleblog-com-3840 37 9 to to TO security-googleblog-com-3840 37 10 work work VB security-googleblog-com-3840 37 11 across across IN security-googleblog-com-3840 37 12 multiple multiple JJ security-googleblog-com-3840 37 13 vulnerability vulnerability NN security-googleblog-com-3840 37 14 databases database NNS security-googleblog-com-3840 37 15 and and CC security-googleblog-com-3840 37 16 simplify simplify VB security-googleblog-com-3840 37 17 the the DT security-googleblog-com-3840 37 18 task task NN security-googleblog-com-3840 37 19 of of IN security-googleblog-com-3840 37 20 tracking tracking NN security-googleblog-com-3840 37 21 , , , security-googleblog-com-3840 37 22 especially especially RB security-googleblog-com-3840 37 23 when when WRB security-googleblog-com-3840 37 24 vulnerabilities vulnerability NNS security-googleblog-com-3840 37 25 touch touch VBP security-googleblog-com-3840 37 26 multiple multiple JJ security-googleblog-com-3840 37 27 languages language NNS security-googleblog-com-3840 37 28 or or CC security-googleblog-com-3840 37 29 subsystems subsystem NNS security-googleblog-com-3840 37 30 . . . security-googleblog-com-3840 38 1 Goal goal NN security-googleblog-com-3840 38 2 : : : security-googleblog-com-3840 38 3 Accurate accurate JJ security-googleblog-com-3840 38 4 Tracking tracking NN security-googleblog-com-3840 38 5 of of IN security-googleblog-com-3840 38 6 Dependencies Dependencies NNPS security-googleblog-com-3840 38 7 Better Better NNP security-googleblog-com-3840 38 8 tooling tooling NN security-googleblog-com-3840 38 9 is be VBZ security-googleblog-com-3840 38 10 needed need VBN security-googleblog-com-3840 38 11 to to TO security-googleblog-com-3840 38 12 understand understand VB security-googleblog-com-3840 38 13 quickly quickly RB security-googleblog-com-3840 38 14 what what WDT security-googleblog-com-3840 38 15 software software NN security-googleblog-com-3840 38 16 is be VBZ security-googleblog-com-3840 38 17 affected affect VBN security-googleblog-com-3840 38 18 by by IN security-googleblog-com-3840 38 19 a a DT security-googleblog-com-3840 38 20 newly newly RB security-googleblog-com-3840 38 21 discovered discover VBN security-googleblog-com-3840 38 22 vulnerability vulnerability NN security-googleblog-com-3840 38 23 , , , security-googleblog-com-3840 38 24 a a DT security-googleblog-com-3840 38 25 problem problem NN security-googleblog-com-3840 38 26 made make VBN security-googleblog-com-3840 38 27 harder hard RBR security-googleblog-com-3840 38 28 by by IN security-googleblog-com-3840 38 29 the the DT security-googleblog-com-3840 38 30 scale scale NN security-googleblog-com-3840 38 31 and and CC security-googleblog-com-3840 38 32 dynamic dynamic JJ security-googleblog-com-3840 38 33 nature nature NN security-googleblog-com-3840 38 34 of of IN security-googleblog-com-3840 38 35 large large JJ security-googleblog-com-3840 38 36 dependency dependency NN security-googleblog-com-3840 38 37 trees tree NNS security-googleblog-com-3840 38 38 . . . security-googleblog-com-3840 39 1 Current current JJ security-googleblog-com-3840 39 2 practices practice NNS security-googleblog-com-3840 39 3 also also RB security-googleblog-com-3840 39 4 often often RB security-googleblog-com-3840 39 5 make make VBP security-googleblog-com-3840 39 6 it -PRON- PRP security-googleblog-com-3840 39 7 difficult difficult JJ security-googleblog-com-3840 39 8 to to TO security-googleblog-com-3840 39 9 predict predict VB security-googleblog-com-3840 39 10 exactly exactly RB security-googleblog-com-3840 39 11 what what WP security-googleblog-com-3840 39 12 versions version NNS security-googleblog-com-3840 39 13 are be VBP security-googleblog-com-3840 39 14 used use VBN security-googleblog-com-3840 39 15 without without IN security-googleblog-com-3840 39 16 actually actually RB security-googleblog-com-3840 39 17 doing do VBG security-googleblog-com-3840 39 18 an an DT security-googleblog-com-3840 39 19 installation installation NN security-googleblog-com-3840 39 20 , , , security-googleblog-com-3840 39 21 as as IN security-googleblog-com-3840 39 22 the the DT security-googleblog-com-3840 39 23 software software NN security-googleblog-com-3840 39 24 for for IN security-googleblog-com-3840 39 25 version version NN security-googleblog-com-3840 39 26 resolution resolution NN security-googleblog-com-3840 39 27 is be VBZ security-googleblog-com-3840 39 28 only only RB security-googleblog-com-3840 39 29 available available JJ security-googleblog-com-3840 39 30 through through IN security-googleblog-com-3840 39 31 the the DT security-googleblog-com-3840 39 32 installer installer NN security-googleblog-com-3840 39 33 . . . security-googleblog-com-3840 40 1 Prevent Prevent NNP security-googleblog-com-3840 40 2 New New NNP security-googleblog-com-3840 40 3 Vulnerabilities vulnerability NNS security-googleblog-com-3840 40 4 It -PRON- PRP security-googleblog-com-3840 40 5 would would MD security-googleblog-com-3840 40 6 be be VB security-googleblog-com-3840 40 7 ideal ideal JJ security-googleblog-com-3840 40 8 to to TO security-googleblog-com-3840 40 9 prevent prevent VB security-googleblog-com-3840 40 10 vulnerabilities vulnerability NNS security-googleblog-com-3840 40 11 from from IN security-googleblog-com-3840 40 12 ever ever RB security-googleblog-com-3840 40 13 being be VBG security-googleblog-com-3840 40 14 created create VBN security-googleblog-com-3840 40 15 , , , security-googleblog-com-3840 40 16 and and CC security-googleblog-com-3840 40 17 although although IN security-googleblog-com-3840 40 18 testing testing NN security-googleblog-com-3840 40 19 and and CC security-googleblog-com-3840 40 20 analysis analysis NN security-googleblog-com-3840 40 21 tools tool NNS security-googleblog-com-3840 40 22 can can MD security-googleblog-com-3840 40 23 help help VB security-googleblog-com-3840 40 24 , , , security-googleblog-com-3840 40 25 prevention prevention NN security-googleblog-com-3840 40 26 will will MD security-googleblog-com-3840 40 27 always always RB security-googleblog-com-3840 40 28 be be VB security-googleblog-com-3840 40 29 a a DT security-googleblog-com-3840 40 30 hard hard JJ security-googleblog-com-3840 40 31 problem problem NN security-googleblog-com-3840 40 32 . . . security-googleblog-com-3840 41 1 Here here RB security-googleblog-com-3840 41 2 we -PRON- PRP security-googleblog-com-3840 41 3 focus focus VBP security-googleblog-com-3840 41 4 on on IN security-googleblog-com-3840 41 5 two two CD security-googleblog-com-3840 41 6 specific specific JJ security-googleblog-com-3840 41 7 aspects aspect NNS security-googleblog-com-3840 41 8 : : : security-googleblog-com-3840 41 9 Understanding understand VBG security-googleblog-com-3840 41 10 risks risk NNS security-googleblog-com-3840 41 11 when when WRB security-googleblog-com-3840 41 12 deciding decide VBG security-googleblog-com-3840 41 13 on on IN security-googleblog-com-3840 41 14 a a DT security-googleblog-com-3840 41 15 new new JJ security-googleblog-com-3840 41 16 dependency dependency NN security-googleblog-com-3840 41 17 Improving improve VBG security-googleblog-com-3840 41 18 development development NN security-googleblog-com-3840 41 19 processes process NNS security-googleblog-com-3840 41 20 for for IN security-googleblog-com-3840 41 21 critical critical JJ security-googleblog-com-3840 41 22 software software NN security-googleblog-com-3840 41 23 Goal Goal NNP security-googleblog-com-3840 41 24 : : : security-googleblog-com-3840 41 25 Understand understand VB security-googleblog-com-3840 41 26 the the DT security-googleblog-com-3840 41 27 Risks risk NNS security-googleblog-com-3840 41 28 for for IN security-googleblog-com-3840 41 29 New New NNP security-googleblog-com-3840 41 30 Dependencies Dependencies NNPS security-googleblog-com-3840 41 31 The the DT security-googleblog-com-3840 41 32 first first JJ security-googleblog-com-3840 41 33 category category NN security-googleblog-com-3840 41 34 is be VBZ security-googleblog-com-3840 41 35 essentially essentially RB security-googleblog-com-3840 41 36 knowing know VBG security-googleblog-com-3840 41 37 about about IN security-googleblog-com-3840 41 38 vulnerabilities vulnerability NNS security-googleblog-com-3840 41 39 at at IN security-googleblog-com-3840 41 40 the the DT security-googleblog-com-3840 41 41 time time NN security-googleblog-com-3840 41 42 you -PRON- PRP security-googleblog-com-3840 41 43 decide decide VBP security-googleblog-com-3840 41 44 to to TO security-googleblog-com-3840 41 45 use use VB security-googleblog-com-3840 41 46 a a DT security-googleblog-com-3840 41 47 package package NN security-googleblog-com-3840 41 48 . . . security-googleblog-com-3840 42 1 Taking take VBG security-googleblog-com-3840 42 2 on on RP security-googleblog-com-3840 42 3 a a DT security-googleblog-com-3840 42 4 new new JJ security-googleblog-com-3840 42 5 dependency dependency NN security-googleblog-com-3840 42 6 has have VBZ security-googleblog-com-3840 42 7 inherent inherent JJ security-googleblog-com-3840 42 8 risk risk NN security-googleblog-com-3840 42 9 and and CC security-googleblog-com-3840 42 10 it -PRON- PRP security-googleblog-com-3840 42 11 needs need VBZ security-googleblog-com-3840 42 12 to to TO security-googleblog-com-3840 42 13 be be VB security-googleblog-com-3840 42 14 an an DT security-googleblog-com-3840 42 15 informed inform VBN security-googleblog-com-3840 42 16 decision decision NN security-googleblog-com-3840 42 17 . . . security-googleblog-com-3840 43 1 Once once IN security-googleblog-com-3840 43 2 you -PRON- PRP security-googleblog-com-3840 43 3 have have VBP security-googleblog-com-3840 43 4 a a DT security-googleblog-com-3840 43 5 dependency dependency NN security-googleblog-com-3840 43 6 , , , security-googleblog-com-3840 43 7 it -PRON- PRP security-googleblog-com-3840 43 8 generally generally RB security-googleblog-com-3840 43 9 becomes become VBZ security-googleblog-com-3840 43 10 harder hard JJR security-googleblog-com-3840 43 11 to to TO security-googleblog-com-3840 43 12 remove remove VB security-googleblog-com-3840 43 13 over over IN security-googleblog-com-3840 43 14 time time NN security-googleblog-com-3840 43 15 . . . security-googleblog-com-3840 44 1 Knowing know VBG security-googleblog-com-3840 44 2 about about IN security-googleblog-com-3840 44 3 vulnerabilities vulnerability NNS security-googleblog-com-3840 44 4 is be VBZ security-googleblog-com-3840 44 5 a a DT security-googleblog-com-3840 44 6 great great JJ security-googleblog-com-3840 44 7 start start NN security-googleblog-com-3840 44 8 , , , security-googleblog-com-3840 44 9 but but CC security-googleblog-com-3840 44 10 there there EX security-googleblog-com-3840 44 11 is be VBZ security-googleblog-com-3840 44 12 more more JJR security-googleblog-com-3840 44 13 that that IN security-googleblog-com-3840 44 14 we -PRON- PRP security-googleblog-com-3840 44 15 can can MD security-googleblog-com-3840 44 16 do do VB security-googleblog-com-3840 44 17 . . . security-googleblog-com-3840 45 1 Many many JJ security-googleblog-com-3840 45 2 vulnerabilities vulnerability NNS security-googleblog-com-3840 45 3 arise arise VBP security-googleblog-com-3840 45 4 from from IN security-googleblog-com-3840 45 5 lack lack NN security-googleblog-com-3840 45 6 of of IN security-googleblog-com-3840 45 7 adherence adherence NN security-googleblog-com-3840 45 8 to to IN security-googleblog-com-3840 45 9 security security NN security-googleblog-com-3840 45 10 best good JJS security-googleblog-com-3840 45 11 practices practice NNS security-googleblog-com-3840 45 12 in in IN security-googleblog-com-3840 45 13 software software NN security-googleblog-com-3840 45 14 development development NN security-googleblog-com-3840 45 15 processes process NNS security-googleblog-com-3840 45 16 . . . security-googleblog-com-3840 46 1 Are be VBP security-googleblog-com-3840 46 2 all all DT security-googleblog-com-3840 46 3 contributors contributor NNS security-googleblog-com-3840 46 4 using use VBG security-googleblog-com-3840 46 5 two two CD security-googleblog-com-3840 46 6 - - HYPH security-googleblog-com-3840 46 7 factor factor NN security-googleblog-com-3840 46 8 authentication authentication NN security-googleblog-com-3840 46 9 ( ( -LRB- security-googleblog-com-3840 46 10 2FA 2fa CD security-googleblog-com-3840 46 11 ) ) -RRB- security-googleblog-com-3840 46 12 ? ? . security-googleblog-com-3840 47 1 Does do VBZ security-googleblog-com-3840 47 2 the the DT security-googleblog-com-3840 47 3 project project NN security-googleblog-com-3840 47 4 have have VB security-googleblog-com-3840 47 5 continuous continuous JJ security-googleblog-com-3840 47 6 integration integration NN security-googleblog-com-3840 47 7 set set VBN security-googleblog-com-3840 47 8 up up RP security-googleblog-com-3840 47 9 and and CC security-googleblog-com-3840 47 10 running run VBG security-googleblog-com-3840 47 11 tests test NNS security-googleblog-com-3840 47 12 ? ? . security-googleblog-com-3840 48 1 Is be VBZ security-googleblog-com-3840 48 2 fuzzing fuzze VBG security-googleblog-com-3840 48 3 integrated integrate VBN security-googleblog-com-3840 48 4 ? ? . security-googleblog-com-3840 49 1 These these DT security-googleblog-com-3840 49 2 are be VBP security-googleblog-com-3840 49 3 the the DT security-googleblog-com-3840 49 4 types type NNS security-googleblog-com-3840 49 5 of of IN security-googleblog-com-3840 49 6 security security NN security-googleblog-com-3840 49 7 checks check NNS security-googleblog-com-3840 49 8 that that WDT security-googleblog-com-3840 49 9 would would MD security-googleblog-com-3840 49 10 help help VB security-googleblog-com-3840 49 11 consumers consumer NNS security-googleblog-com-3840 49 12 understand understand VB security-googleblog-com-3840 49 13 the the DT security-googleblog-com-3840 49 14 risks risk NNS security-googleblog-com-3840 49 15 they -PRON- PRP security-googleblog-com-3840 49 16 ’re be VBP security-googleblog-com-3840 49 17 taking take VBG security-googleblog-com-3840 49 18 on on RP security-googleblog-com-3840 49 19 with with IN security-googleblog-com-3840 49 20 new new JJ security-googleblog-com-3840 49 21 dependencies dependency NNS security-googleblog-com-3840 49 22 . . . security-googleblog-com-3840 50 1 Packages package NNS security-googleblog-com-3840 50 2 with with IN security-googleblog-com-3840 50 3 a a DT security-googleblog-com-3840 50 4 low low JJ security-googleblog-com-3840 50 5 “ " `` security-googleblog-com-3840 50 6 score score NN security-googleblog-com-3840 50 7 ” " '' security-googleblog-com-3840 50 8 warrant warrant VBP security-googleblog-com-3840 50 9 a a DT security-googleblog-com-3840 50 10 closer close JJR security-googleblog-com-3840 50 11 review review NN security-googleblog-com-3840 50 12 , , , security-googleblog-com-3840 50 13 and and CC security-googleblog-com-3840 50 14 a a DT security-googleblog-com-3840 50 15 plan plan NN security-googleblog-com-3840 50 16 for for IN security-googleblog-com-3840 50 17 remediation remediation NN security-googleblog-com-3840 50 18 . . . security-googleblog-com-3840 51 1 The the DT security-googleblog-com-3840 51 2 recently recently RB security-googleblog-com-3840 51 3 announced announce VBN security-googleblog-com-3840 51 4 Security Security NNP security-googleblog-com-3840 51 5 Scorecards Scorecards NNP security-googleblog-com-3840 51 6 project project NN security-googleblog-com-3840 51 7 from from IN security-googleblog-com-3840 51 8 OpenSSF openssf PRP$ security-googleblog-com-3840 51 9 attempts attempt NNS security-googleblog-com-3840 51 10 to to TO security-googleblog-com-3840 51 11 generate generate VB security-googleblog-com-3840 51 12 these these DT security-googleblog-com-3840 51 13 data datum NNS security-googleblog-com-3840 51 14 points point NNS security-googleblog-com-3840 51 15 in in IN security-googleblog-com-3840 51 16 a a DT security-googleblog-com-3840 51 17 fully fully RB security-googleblog-com-3840 51 18 automated automate VBN security-googleblog-com-3840 51 19 way way NN security-googleblog-com-3840 51 20 . . . security-googleblog-com-3840 52 1 Using use VBG security-googleblog-com-3840 52 2 scorecards scorecard NNS security-googleblog-com-3840 52 3 can can MD security-googleblog-com-3840 52 4 also also RB security-googleblog-com-3840 52 5 help help VB security-googleblog-com-3840 52 6 defend defend VB security-googleblog-com-3840 52 7 against against IN security-googleblog-com-3840 52 8 prevalent prevalent JJ security-googleblog-com-3840 52 9 typosquatting typosquatting NN security-googleblog-com-3840 52 10 attacks attack NNS security-googleblog-com-3840 52 11 ( ( -LRB- security-googleblog-com-3840 52 12 malevolent malevolent JJ security-googleblog-com-3840 52 13 packages package NNS security-googleblog-com-3840 52 14 with with IN security-googleblog-com-3840 52 15 names name NNS security-googleblog-com-3840 52 16 similar similar JJ security-googleblog-com-3840 52 17 to to IN security-googleblog-com-3840 52 18 popular popular JJ security-googleblog-com-3840 52 19 packages package NNS security-googleblog-com-3840 52 20 ) ) -RRB- security-googleblog-com-3840 52 21 , , , security-googleblog-com-3840 52 22 since since IN security-googleblog-com-3840 52 23 they -PRON- PRP security-googleblog-com-3840 52 24 would would MD security-googleblog-com-3840 52 25 score score VB security-googleblog-com-3840 52 26 much much RB security-googleblog-com-3840 52 27 lower low JJR security-googleblog-com-3840 52 28 and and CC security-googleblog-com-3840 52 29 fail fail VB security-googleblog-com-3840 52 30 many many JJ security-googleblog-com-3840 52 31 security security NN security-googleblog-com-3840 52 32 checks check NNS security-googleblog-com-3840 52 33 . . . security-googleblog-com-3840 53 1 Improving improve VBG security-googleblog-com-3840 53 2 the the DT security-googleblog-com-3840 53 3 development development NN security-googleblog-com-3840 53 4 processes process NNS security-googleblog-com-3840 53 5 for for IN security-googleblog-com-3840 53 6 critical critical JJ security-googleblog-com-3840 53 7 software software NN security-googleblog-com-3840 53 8 is be VBZ security-googleblog-com-3840 53 9 related relate VBN security-googleblog-com-3840 53 10 to to IN security-googleblog-com-3840 53 11 vulnerability vulnerability NN security-googleblog-com-3840 53 12 prevention prevention NN security-googleblog-com-3840 53 13 , , , security-googleblog-com-3840 53 14 but but CC security-googleblog-com-3840 53 15 deserves deserve VBZ security-googleblog-com-3840 53 16 its -PRON- PRP$ security-googleblog-com-3840 53 17 own own JJ security-googleblog-com-3840 53 18 discussion discussion NN security-googleblog-com-3840 53 19 further further RB security-googleblog-com-3840 53 20 down down RB security-googleblog-com-3840 53 21 in in IN security-googleblog-com-3840 53 22 our -PRON- PRP$ security-googleblog-com-3840 53 23 post post NN security-googleblog-com-3840 53 24 . . . security-googleblog-com-3840 54 1 Fix fix VB security-googleblog-com-3840 54 2 or or CC security-googleblog-com-3840 54 3 Remove remove VB security-googleblog-com-3840 54 4 Vulnerabilities Vulnerabilities NNPS security-googleblog-com-3840 54 5 The the DT security-googleblog-com-3840 54 6 general general JJ security-googleblog-com-3840 54 7 problem problem NN security-googleblog-com-3840 54 8 of of IN security-googleblog-com-3840 54 9 fixing fix VBG security-googleblog-com-3840 54 10 vulnerabilities vulnerability NNS security-googleblog-com-3840 54 11 is be VBZ security-googleblog-com-3840 54 12 beyond beyond IN security-googleblog-com-3840 54 13 our -PRON- PRP$ security-googleblog-com-3840 54 14 scope scope NN security-googleblog-com-3840 54 15 , , , security-googleblog-com-3840 54 16 but but CC security-googleblog-com-3840 54 17 there there EX security-googleblog-com-3840 54 18 is be VBZ security-googleblog-com-3840 54 19 much much RB security-googleblog-com-3840 54 20 we -PRON- PRP security-googleblog-com-3840 54 21 can can MD security-googleblog-com-3840 54 22 do do VB security-googleblog-com-3840 54 23 for for IN security-googleblog-com-3840 54 24 the the DT security-googleblog-com-3840 54 25 specific specific JJ security-googleblog-com-3840 54 26 problem problem NN security-googleblog-com-3840 54 27 of of IN security-googleblog-com-3840 54 28 managing managing NN security-googleblog-com-3840 54 29 vulnerabilities vulnerability NNS security-googleblog-com-3840 54 30 in in IN security-googleblog-com-3840 54 31 software software NN security-googleblog-com-3840 54 32 dependencies dependency NNS security-googleblog-com-3840 54 33 . . . security-googleblog-com-3840 55 1 Today today NN security-googleblog-com-3840 55 2 there there EX security-googleblog-com-3840 55 3 is be VBZ security-googleblog-com-3840 55 4 little little JJ security-googleblog-com-3840 55 5 help help NN security-googleblog-com-3840 55 6 on on IN security-googleblog-com-3840 55 7 this this DT security-googleblog-com-3840 55 8 front front NN security-googleblog-com-3840 55 9 , , , security-googleblog-com-3840 55 10 but but CC security-googleblog-com-3840 55 11 as as IN security-googleblog-com-3840 55 12 we -PRON- PRP security-googleblog-com-3840 55 13 improve improve VBP security-googleblog-com-3840 55 14 precision precision NN security-googleblog-com-3840 55 15 it -PRON- PRP security-googleblog-com-3840 55 16 becomes become VBZ security-googleblog-com-3840 55 17 worthwhile worthwhile JJ security-googleblog-com-3840 55 18 to to TO security-googleblog-com-3840 55 19 invest invest VB security-googleblog-com-3840 55 20 in in IN security-googleblog-com-3840 55 21 new new JJ security-googleblog-com-3840 55 22 processes process NNS security-googleblog-com-3840 55 23 and and CC security-googleblog-com-3840 55 24 tooling tooling NN security-googleblog-com-3840 55 25 . . . security-googleblog-com-3840 56 1 One one CD security-googleblog-com-3840 56 2 option option NN security-googleblog-com-3840 56 3 of of IN security-googleblog-com-3840 56 4 course course NN security-googleblog-com-3840 56 5 is be VBZ security-googleblog-com-3840 56 6 to to TO security-googleblog-com-3840 56 7 fix fix VB security-googleblog-com-3840 56 8 the the DT security-googleblog-com-3840 56 9 vulnerability vulnerability NN security-googleblog-com-3840 56 10 directly directly RB security-googleblog-com-3840 56 11 . . . security-googleblog-com-3840 57 1 If if IN security-googleblog-com-3840 57 2 you -PRON- PRP security-googleblog-com-3840 57 3 can can MD security-googleblog-com-3840 57 4 do do VB security-googleblog-com-3840 57 5 this this DT security-googleblog-com-3840 57 6 in in IN security-googleblog-com-3840 57 7 a a DT security-googleblog-com-3840 57 8 backwards backwards RB security-googleblog-com-3840 57 9 - - HYPH security-googleblog-com-3840 57 10 compatible compatible JJ security-googleblog-com-3840 57 11 way way NN security-googleblog-com-3840 57 12 , , , security-googleblog-com-3840 57 13 then then RB security-googleblog-com-3840 57 14 the the DT security-googleblog-com-3840 57 15 fix fix NN security-googleblog-com-3840 57 16 is be VBZ security-googleblog-com-3840 57 17 available available JJ security-googleblog-com-3840 57 18 for for IN security-googleblog-com-3840 57 19 everyone everyone NN security-googleblog-com-3840 57 20 . . . security-googleblog-com-3840 58 1 But but CC security-googleblog-com-3840 58 2 a a DT security-googleblog-com-3840 58 3 challenge challenge NN security-googleblog-com-3840 58 4 is be VBZ security-googleblog-com-3840 58 5 that that IN security-googleblog-com-3840 58 6 you -PRON- PRP security-googleblog-com-3840 58 7 are be VBP security-googleblog-com-3840 58 8 unlikely unlikely JJ security-googleblog-com-3840 58 9 to to TO security-googleblog-com-3840 58 10 have have VB security-googleblog-com-3840 58 11 expertise expertise NN security-googleblog-com-3840 58 12 on on IN security-googleblog-com-3840 58 13 the the DT security-googleblog-com-3840 58 14 problem problem NN security-googleblog-com-3840 58 15 , , , security-googleblog-com-3840 58 16 nor nor CC security-googleblog-com-3840 58 17 the the DT security-googleblog-com-3840 58 18 direct direct JJ security-googleblog-com-3840 58 19 ability ability NN security-googleblog-com-3840 58 20 to to TO security-googleblog-com-3840 58 21 make make VB security-googleblog-com-3840 58 22 changes change NNS security-googleblog-com-3840 58 23 . . . security-googleblog-com-3840 59 1 Fixing fix VBG security-googleblog-com-3840 59 2 a a DT security-googleblog-com-3840 59 3 vulnerability vulnerability NN security-googleblog-com-3840 59 4 also also RB security-googleblog-com-3840 59 5 assumes assume VBZ security-googleblog-com-3840 59 6 the the DT security-googleblog-com-3840 59 7 software software NN security-googleblog-com-3840 59 8 maintainers maintainer NNS security-googleblog-com-3840 59 9 are be VBP security-googleblog-com-3840 59 10 aware aware JJ security-googleblog-com-3840 59 11 of of IN security-googleblog-com-3840 59 12 the the DT security-googleblog-com-3840 59 13 issue issue NN security-googleblog-com-3840 59 14 , , , security-googleblog-com-3840 59 15 and and CC security-googleblog-com-3840 59 16 have have VB security-googleblog-com-3840 59 17 the the DT security-googleblog-com-3840 59 18 knowledge knowledge NN security-googleblog-com-3840 59 19 and and CC security-googleblog-com-3840 59 20 resources resource NNS security-googleblog-com-3840 59 21 for for IN security-googleblog-com-3840 59 22 vulnerability vulnerability NN security-googleblog-com-3840 59 23 disclosure disclosure NN security-googleblog-com-3840 59 24 . . . security-googleblog-com-3840 60 1 Conversely conversely RB security-googleblog-com-3840 60 2 , , , security-googleblog-com-3840 60 3 if if IN security-googleblog-com-3840 60 4 you -PRON- PRP security-googleblog-com-3840 60 5 simply simply RB security-googleblog-com-3840 60 6 remove remove VBP security-googleblog-com-3840 60 7 the the DT security-googleblog-com-3840 60 8 dependency dependency NN security-googleblog-com-3840 60 9 that that WDT security-googleblog-com-3840 60 10 contains contain VBZ security-googleblog-com-3840 60 11 the the DT security-googleblog-com-3840 60 12 vulnerability vulnerability NN security-googleblog-com-3840 60 13 , , , security-googleblog-com-3840 60 14 then then RB security-googleblog-com-3840 60 15 it -PRON- PRP security-googleblog-com-3840 60 16 is be VBZ security-googleblog-com-3840 60 17 fixed fix VBN security-googleblog-com-3840 60 18 for for IN security-googleblog-com-3840 60 19 you -PRON- PRP security-googleblog-com-3840 60 20 and and CC security-googleblog-com-3840 60 21 those those DT security-googleblog-com-3840 60 22 that that DT security-googleblog-com-3840 60 23 import import VBP security-googleblog-com-3840 60 24 or or CC security-googleblog-com-3840 60 25 use use VBP security-googleblog-com-3840 60 26 your -PRON- PRP$ security-googleblog-com-3840 60 27 software software NN security-googleblog-com-3840 60 28 , , , security-googleblog-com-3840 60 29 but but CC security-googleblog-com-3840 60 30 not not RB security-googleblog-com-3840 60 31 for for IN security-googleblog-com-3840 60 32 anyone anyone NN security-googleblog-com-3840 60 33 else else RB security-googleblog-com-3840 60 34 . . . security-googleblog-com-3840 61 1 This this DT security-googleblog-com-3840 61 2 is be VBZ security-googleblog-com-3840 61 3 a a DT security-googleblog-com-3840 61 4 change change NN security-googleblog-com-3840 61 5 that that WDT security-googleblog-com-3840 61 6 is be VBZ security-googleblog-com-3840 61 7 under under IN security-googleblog-com-3840 61 8 your -PRON- PRP$ security-googleblog-com-3840 61 9 direct direct JJ security-googleblog-com-3840 61 10 control control NN security-googleblog-com-3840 61 11 . . . security-googleblog-com-3840 62 1 These these DT security-googleblog-com-3840 62 2 scenarios scenario NNS security-googleblog-com-3840 62 3 represent represent VBP security-googleblog-com-3840 62 4 the the DT security-googleblog-com-3840 62 5 two two CD security-googleblog-com-3840 62 6 ends end NNS security-googleblog-com-3840 62 7 of of IN security-googleblog-com-3840 62 8 the the DT security-googleblog-com-3840 62 9 chain chain NN security-googleblog-com-3840 62 10 of of IN security-googleblog-com-3840 62 11 dependencies dependency NNS security-googleblog-com-3840 62 12 between between IN security-googleblog-com-3840 62 13 your -PRON- PRP$ security-googleblog-com-3840 62 14 software software NN security-googleblog-com-3840 62 15 and and CC security-googleblog-com-3840 62 16 the the DT security-googleblog-com-3840 62 17 vulnerability vulnerability NN security-googleblog-com-3840 62 18 , , , security-googleblog-com-3840 62 19 but but CC security-googleblog-com-3840 62 20 in in IN security-googleblog-com-3840 62 21 practice practice NN security-googleblog-com-3840 62 22 there there EX security-googleblog-com-3840 62 23 can can MD security-googleblog-com-3840 62 24 be be VB security-googleblog-com-3840 62 25 many many JJ security-googleblog-com-3840 62 26 intervening intervening NN security-googleblog-com-3840 62 27 packages package NNS security-googleblog-com-3840 62 28 . . . security-googleblog-com-3840 63 1 The the DT security-googleblog-com-3840 63 2 general general JJ security-googleblog-com-3840 63 3 hope hope NN security-googleblog-com-3840 63 4 is be VBZ security-googleblog-com-3840 63 5 that that IN security-googleblog-com-3840 63 6 someone someone NN security-googleblog-com-3840 63 7 along along IN security-googleblog-com-3840 63 8 that that DT security-googleblog-com-3840 63 9 dependency dependency NN security-googleblog-com-3840 63 10 chain chain NN security-googleblog-com-3840 63 11 will will MD security-googleblog-com-3840 63 12 fix fix VB security-googleblog-com-3840 63 13 it -PRON- PRP security-googleblog-com-3840 63 14 . . . security-googleblog-com-3840 64 1 Unfortunately unfortunately RB security-googleblog-com-3840 64 2 , , , security-googleblog-com-3840 64 3 fixing fix VBG security-googleblog-com-3840 64 4 a a DT security-googleblog-com-3840 64 5 link link NN security-googleblog-com-3840 64 6 is be VBZ security-googleblog-com-3840 64 7 not not RB security-googleblog-com-3840 64 8 enough enough JJ security-googleblog-com-3840 64 9 : : : security-googleblog-com-3840 64 10 Every every DT security-googleblog-com-3840 64 11 link link NN security-googleblog-com-3840 64 12 of of IN security-googleblog-com-3840 64 13 the the DT security-googleblog-com-3840 64 14 dependency dependency NN security-googleblog-com-3840 64 15 chain chain NN security-googleblog-com-3840 64 16 between between IN security-googleblog-com-3840 64 17 you -PRON- PRP security-googleblog-com-3840 64 18 and and CC security-googleblog-com-3840 64 19 the the DT security-googleblog-com-3840 64 20 vulnerability vulnerability NN security-googleblog-com-3840 64 21 needs need VBZ security-googleblog-com-3840 64 22 to to TO security-googleblog-com-3840 64 23 be be VB security-googleblog-com-3840 64 24 updated update VBN security-googleblog-com-3840 64 25 before before IN security-googleblog-com-3840 64 26 your -PRON- PRP$ security-googleblog-com-3840 64 27 software software NN security-googleblog-com-3840 64 28 will will MD security-googleblog-com-3840 64 29 be be VB security-googleblog-com-3840 64 30 fixed fix VBN security-googleblog-com-3840 64 31 . . . security-googleblog-com-3840 65 1 Each each DT security-googleblog-com-3840 65 2 link link NN security-googleblog-com-3840 65 3 must must MD security-googleblog-com-3840 65 4 include include VB security-googleblog-com-3840 65 5 the the DT security-googleblog-com-3840 65 6 fixed fix VBN security-googleblog-com-3840 65 7 version version NN security-googleblog-com-3840 65 8 of of IN security-googleblog-com-3840 65 9 the the DT security-googleblog-com-3840 65 10 thing thing NN security-googleblog-com-3840 65 11 below below IN security-googleblog-com-3840 65 12 it -PRON- PRP security-googleblog-com-3840 65 13 to to TO security-googleblog-com-3840 65 14 purge purge VB security-googleblog-com-3840 65 15 the the DT security-googleblog-com-3840 65 16 vulnerability vulnerability NN security-googleblog-com-3840 65 17 . . . security-googleblog-com-3840 66 1 Thus thus RB security-googleblog-com-3840 66 2 , , , security-googleblog-com-3840 66 3 the the DT security-googleblog-com-3840 66 4 updates update NNS security-googleblog-com-3840 66 5 need need VBP security-googleblog-com-3840 66 6 to to TO security-googleblog-com-3840 66 7 be be VB security-googleblog-com-3840 66 8 done do VBN security-googleblog-com-3840 66 9 from from IN security-googleblog-com-3840 66 10 the the DT security-googleblog-com-3840 66 11 bottom bottom NN security-googleblog-com-3840 66 12 up up RP security-googleblog-com-3840 66 13 , , , security-googleblog-com-3840 66 14 unless unless IN security-googleblog-com-3840 66 15 you -PRON- PRP security-googleblog-com-3840 66 16 can can MD security-googleblog-com-3840 66 17 eliminate eliminate VB security-googleblog-com-3840 66 18 the the DT security-googleblog-com-3840 66 19 dependency dependency NN security-googleblog-com-3840 66 20 altogether altogether RB security-googleblog-com-3840 66 21 , , , security-googleblog-com-3840 66 22 which which WDT security-googleblog-com-3840 66 23 may may MD security-googleblog-com-3840 66 24 require require VB security-googleblog-com-3840 66 25 similar similar JJ security-googleblog-com-3840 66 26 heroics heroic NNS security-googleblog-com-3840 66 27 and and CC security-googleblog-com-3840 66 28 is be VBZ security-googleblog-com-3840 66 29 rarely rarely RB security-googleblog-com-3840 66 30 possible possible JJ security-googleblog-com-3840 66 31 — — : security-googleblog-com-3840 66 32 but but CC security-googleblog-com-3840 66 33 is be VBZ security-googleblog-com-3840 66 34 the the DT security-googleblog-com-3840 66 35 best good JJS security-googleblog-com-3840 66 36 solution solution NN security-googleblog-com-3840 66 37 when when WRB security-googleblog-com-3840 66 38 it -PRON- PRP security-googleblog-com-3840 66 39 is be VBZ security-googleblog-com-3840 66 40 . . . security-googleblog-com-3840 67 1 Goal goal NN security-googleblog-com-3840 67 2 : : : security-googleblog-com-3840 67 3 Understand understand VB security-googleblog-com-3840 67 4 your -PRON- PRP$ security-googleblog-com-3840 67 5 Options option NNS security-googleblog-com-3840 67 6 to to TO security-googleblog-com-3840 67 7 Remove remove VB security-googleblog-com-3840 67 8 Vulnerabilities Vulnerabilities NNPS security-googleblog-com-3840 67 9 Today Today NNP security-googleblog-com-3840 67 10 , , , security-googleblog-com-3840 67 11 we -PRON- PRP security-googleblog-com-3840 67 12 lack lack VBP security-googleblog-com-3840 67 13 clarity clarity NN security-googleblog-com-3840 67 14 on on IN security-googleblog-com-3840 67 15 this this DT security-googleblog-com-3840 67 16 process process NN security-googleblog-com-3840 67 17 : : : security-googleblog-com-3840 67 18 what what WDT security-googleblog-com-3840 67 19 progress progress NN security-googleblog-com-3840 67 20 has have VBZ security-googleblog-com-3840 67 21 been be VBN security-googleblog-com-3840 67 22 made make VBN security-googleblog-com-3840 67 23 by by IN security-googleblog-com-3840 67 24 others other NNS security-googleblog-com-3840 67 25 and and CC security-googleblog-com-3840 67 26 what what WP security-googleblog-com-3840 67 27 upgrades upgrade NNS security-googleblog-com-3840 67 28 should should MD security-googleblog-com-3840 67 29 be be VB security-googleblog-com-3840 67 30 applied apply VBN security-googleblog-com-3840 67 31 at at IN security-googleblog-com-3840 67 32 what what WDT security-googleblog-com-3840 67 33 level level NN security-googleblog-com-3840 67 34 ? ? . security-googleblog-com-3840 68 1 And and CC security-googleblog-com-3840 68 2 where where WRB security-googleblog-com-3840 68 3 is be VBZ security-googleblog-com-3840 68 4 the the DT security-googleblog-com-3840 68 5 process process NN security-googleblog-com-3840 68 6 stuck stick VBN security-googleblog-com-3840 68 7 ? ? . security-googleblog-com-3840 69 1 Who who WP security-googleblog-com-3840 69 2 is be VBZ security-googleblog-com-3840 69 3 responsible responsible JJ security-googleblog-com-3840 69 4 for for IN security-googleblog-com-3840 69 5 fixing fix VBG security-googleblog-com-3840 69 6 the the DT security-googleblog-com-3840 69 7 vulnerability vulnerability NN security-googleblog-com-3840 69 8 itself -PRON- PRP security-googleblog-com-3840 69 9 ? ? . security-googleblog-com-3840 70 1 Who who WP security-googleblog-com-3840 70 2 is be VBZ security-googleblog-com-3840 70 3 responsible responsible JJ security-googleblog-com-3840 70 4 for for IN security-googleblog-com-3840 70 5 propagating propagate VBG security-googleblog-com-3840 70 6 the the DT security-googleblog-com-3840 70 7 fix fix NN security-googleblog-com-3840 70 8 ? ? . security-googleblog-com-3840 71 1 Goal goal NN security-googleblog-com-3840 71 2 : : : security-googleblog-com-3840 71 3 Notifications notification NNS security-googleblog-com-3840 71 4 to to IN security-googleblog-com-3840 71 5 Speed speed NN security-googleblog-com-3840 71 6 Repairs repair NNS security-googleblog-com-3840 71 7 Eventually eventually RB security-googleblog-com-3840 71 8 , , , security-googleblog-com-3840 71 9 your -PRON- PRP$ security-googleblog-com-3840 71 10 dependencies dependency NNS security-googleblog-com-3840 71 11 will will MD security-googleblog-com-3840 71 12 be be VB security-googleblog-com-3840 71 13 fixed fix VBN security-googleblog-com-3840 71 14 and and CC security-googleblog-com-3840 71 15 you -PRON- PRP security-googleblog-com-3840 71 16 can can MD security-googleblog-com-3840 71 17 locally locally RB security-googleblog-com-3840 71 18 upgrade upgrade VB security-googleblog-com-3840 71 19 to to IN security-googleblog-com-3840 71 20 the the DT security-googleblog-com-3840 71 21 new new JJ security-googleblog-com-3840 71 22 versions version NNS security-googleblog-com-3840 71 23 . . . security-googleblog-com-3840 72 1 Knowing know VBG security-googleblog-com-3840 72 2 when when WRB security-googleblog-com-3840 72 3 this this DT security-googleblog-com-3840 72 4 happens happen VBZ security-googleblog-com-3840 72 5 is be VBZ security-googleblog-com-3840 72 6 an an DT security-googleblog-com-3840 72 7 important important JJ security-googleblog-com-3840 72 8 goal goal NN security-googleblog-com-3840 72 9 as as IN security-googleblog-com-3840 72 10 it -PRON- PRP security-googleblog-com-3840 72 11 accelerates accelerate VBZ security-googleblog-com-3840 72 12 reducing reduce VBG security-googleblog-com-3840 72 13 the the DT security-googleblog-com-3840 72 14 exposure exposure NN security-googleblog-com-3840 72 15 to to IN security-googleblog-com-3840 72 16 vulnerabilities vulnerability NNS security-googleblog-com-3840 72 17 . . . security-googleblog-com-3840 73 1 We -PRON- PRP security-googleblog-com-3840 73 2 also also RB security-googleblog-com-3840 73 3 need need VBP security-googleblog-com-3840 73 4 a a DT security-googleblog-com-3840 73 5 notification notification NN security-googleblog-com-3840 73 6 system system NN security-googleblog-com-3840 73 7 for for IN security-googleblog-com-3840 73 8 the the DT security-googleblog-com-3840 73 9 actual actual JJ security-googleblog-com-3840 73 10 discovery discovery NN security-googleblog-com-3840 73 11 of of IN security-googleblog-com-3840 73 12 vulnerabilities vulnerability NNS security-googleblog-com-3840 73 13 ; ; : security-googleblog-com-3840 73 14 often often RB security-googleblog-com-3840 73 15 new new JJ security-googleblog-com-3840 73 16 vulnerabilities vulnerability NNS security-googleblog-com-3840 73 17 represent represent VBP security-googleblog-com-3840 73 18 latent latent NN security-googleblog-com-3840 73 19 problems problem NNS security-googleblog-com-3840 73 20 that that WDT security-googleblog-com-3840 73 21 are be VBP security-googleblog-com-3840 73 22 newly newly RB security-googleblog-com-3840 73 23 discovered discover VBN security-googleblog-com-3840 73 24 even even RB security-googleblog-com-3840 73 25 though though IN security-googleblog-com-3840 73 26 the the DT security-googleblog-com-3840 73 27 actual actual JJ security-googleblog-com-3840 73 28 code code NN security-googleblog-com-3840 73 29 has have VBZ security-googleblog-com-3840 73 30 not not RB security-googleblog-com-3840 73 31 changed change VBN security-googleblog-com-3840 73 32 ( ( -LRB- security-googleblog-com-3840 73 33 such such JJ security-googleblog-com-3840 73 34 as as IN security-googleblog-com-3840 73 35 this this DT security-googleblog-com-3840 73 36 10-year 10-year CD security-googleblog-com-3840 73 37 old old JJ security-googleblog-com-3840 73 38 vulnerability vulnerability NN security-googleblog-com-3840 73 39 in in IN security-googleblog-com-3840 73 40 the the DT security-googleblog-com-3840 73 41 Unix Unix NNP security-googleblog-com-3840 73 42 utility utility NN security-googleblog-com-3840 73 43 sudo sudo NN security-googleblog-com-3840 73 44 ) ) -RRB- security-googleblog-com-3840 73 45 . . . security-googleblog-com-3840 74 1 For for IN security-googleblog-com-3840 74 2 large large JJ security-googleblog-com-3840 74 3 projects project NNS security-googleblog-com-3840 74 4 , , , security-googleblog-com-3840 74 5 most most JJS security-googleblog-com-3840 74 6 such such JJ security-googleblog-com-3840 74 7 issues issue NNS security-googleblog-com-3840 74 8 will will MD security-googleblog-com-3840 74 9 arise arise VB security-googleblog-com-3840 74 10 in in IN security-googleblog-com-3840 74 11 the the DT security-googleblog-com-3840 74 12 indirect indirect JJ security-googleblog-com-3840 74 13 dependencies dependency NNS security-googleblog-com-3840 74 14 . . . security-googleblog-com-3840 75 1 Today today NN security-googleblog-com-3840 75 2 , , , security-googleblog-com-3840 75 3 we -PRON- PRP security-googleblog-com-3840 75 4 lack lack VBP security-googleblog-com-3840 75 5 the the DT security-googleblog-com-3840 75 6 precision precision NN security-googleblog-com-3840 75 7 required require VBN security-googleblog-com-3840 75 8 to to TO security-googleblog-com-3840 75 9 do do VB security-googleblog-com-3840 75 10 notification notification NN security-googleblog-com-3840 75 11 well well RB security-googleblog-com-3840 75 12 , , , security-googleblog-com-3840 75 13 but but CC security-googleblog-com-3840 75 14 as as IN security-googleblog-com-3840 75 15 we -PRON- PRP security-googleblog-com-3840 75 16 improve improve VBP security-googleblog-com-3840 75 17 vulnerability vulnerability NN security-googleblog-com-3840 75 18 precision precision NN security-googleblog-com-3840 75 19 and and CC security-googleblog-com-3840 75 20 metadata metadata NN security-googleblog-com-3840 75 21 ( ( -LRB- security-googleblog-com-3840 75 22 as as IN security-googleblog-com-3840 75 23 above above RB security-googleblog-com-3840 75 24 ) ) -RRB- security-googleblog-com-3840 75 25 , , , security-googleblog-com-3840 75 26 we -PRON- PRP security-googleblog-com-3840 75 27 should should MD security-googleblog-com-3840 75 28 also also RB security-googleblog-com-3840 75 29 drive drive VB security-googleblog-com-3840 75 30 notification notification NN security-googleblog-com-3840 75 31 . . . security-googleblog-com-3840 76 1 So so RB security-googleblog-com-3840 76 2 far far RB security-googleblog-com-3840 76 3 , , , security-googleblog-com-3840 76 4 we -PRON- PRP security-googleblog-com-3840 76 5 have have VBP security-googleblog-com-3840 76 6 only only RB security-googleblog-com-3840 76 7 described describe VBN security-googleblog-com-3840 76 8 the the DT security-googleblog-com-3840 76 9 easy easy JJ security-googleblog-com-3840 76 10 case case NN security-googleblog-com-3840 76 11 : : : security-googleblog-com-3840 76 12 a a DT security-googleblog-com-3840 76 13 sequence sequence NN security-googleblog-com-3840 76 14 of of IN security-googleblog-com-3840 76 15 upgrades upgrade NNS security-googleblog-com-3840 76 16 that that WDT security-googleblog-com-3840 76 17 are be VBP security-googleblog-com-3840 76 18 all all RB security-googleblog-com-3840 76 19 backwards backwards RB security-googleblog-com-3840 76 20 compatible compatible JJ security-googleblog-com-3840 76 21 , , , security-googleblog-com-3840 76 22 implying imply VBG security-googleblog-com-3840 76 23 that that IN security-googleblog-com-3840 76 24 the the DT security-googleblog-com-3840 76 25 behavior behavior NN security-googleblog-com-3840 76 26 is be VBZ security-googleblog-com-3840 76 27 the the DT security-googleblog-com-3840 76 28 same same JJ security-googleblog-com-3840 76 29 except except IN security-googleblog-com-3840 76 30 for for IN security-googleblog-com-3840 76 31 the the DT security-googleblog-com-3840 76 32 absence absence NN security-googleblog-com-3840 76 33 of of IN security-googleblog-com-3840 76 34 the the DT security-googleblog-com-3840 76 35 vulnerability vulnerability NN security-googleblog-com-3840 76 36 . . . security-googleblog-com-3840 77 1 In in IN security-googleblog-com-3840 77 2 practice practice NN security-googleblog-com-3840 77 3 , , , security-googleblog-com-3840 77 4 an an DT security-googleblog-com-3840 77 5 upgrade upgrade NN security-googleblog-com-3840 77 6 is be VBZ security-googleblog-com-3840 77 7 often often RB security-googleblog-com-3840 77 8 not not RB security-googleblog-com-3840 77 9 backward backward RB security-googleblog-com-3840 77 10 compatible compatible JJ security-googleblog-com-3840 77 11 , , , security-googleblog-com-3840 77 12 or or CC security-googleblog-com-3840 77 13 is be VBZ security-googleblog-com-3840 77 14 blocked block VBN security-googleblog-com-3840 77 15 by by IN security-googleblog-com-3840 77 16 restrictive restrictive JJ security-googleblog-com-3840 77 17 version version NN security-googleblog-com-3840 77 18 requirements requirement NNS security-googleblog-com-3840 77 19 . . . security-googleblog-com-3840 78 1 These these DT security-googleblog-com-3840 78 2 issues issue NNS security-googleblog-com-3840 78 3 mean mean VBP security-googleblog-com-3840 78 4 that that IN security-googleblog-com-3840 78 5 updating update VBG security-googleblog-com-3840 78 6 a a DT security-googleblog-com-3840 78 7 package package NN security-googleblog-com-3840 78 8 deep deep JJ security-googleblog-com-3840 78 9 in in IN security-googleblog-com-3840 78 10 the the DT security-googleblog-com-3840 78 11 dependency dependency NN security-googleblog-com-3840 78 12 tree tree NN security-googleblog-com-3840 78 13 must must MD security-googleblog-com-3840 78 14 cause cause VB security-googleblog-com-3840 78 15 some some DT security-googleblog-com-3840 78 16 churn churn NN security-googleblog-com-3840 78 17 , , , security-googleblog-com-3840 78 18 or or CC security-googleblog-com-3840 78 19 at at IN security-googleblog-com-3840 78 20 least least JJS security-googleblog-com-3840 78 21 requirement requirement NN security-googleblog-com-3840 78 22 updates update NNS security-googleblog-com-3840 78 23 , , , security-googleblog-com-3840 78 24 in in IN security-googleblog-com-3840 78 25 the the DT security-googleblog-com-3840 78 26 things thing NNS security-googleblog-com-3840 78 27 above above IN security-googleblog-com-3840 78 28 it -PRON- PRP security-googleblog-com-3840 78 29 . . . security-googleblog-com-3840 79 1 The the DT security-googleblog-com-3840 79 2 situation situation NN security-googleblog-com-3840 79 3 often often RB security-googleblog-com-3840 79 4 arises arise VBZ security-googleblog-com-3840 79 5 when when WRB security-googleblog-com-3840 79 6 the the DT security-googleblog-com-3840 79 7 fix fix NN security-googleblog-com-3840 79 8 is be VBZ security-googleblog-com-3840 79 9 made make VBN security-googleblog-com-3840 79 10 to to IN security-googleblog-com-3840 79 11 the the DT security-googleblog-com-3840 79 12 latest late JJS security-googleblog-com-3840 79 13 version version NN security-googleblog-com-3840 79 14 , , , security-googleblog-com-3840 79 15 say say VB security-googleblog-com-3840 79 16 1.3 1.3 CD security-googleblog-com-3840 79 17 , , , security-googleblog-com-3840 79 18 but but CC security-googleblog-com-3840 79 19 your -PRON- PRP$ security-googleblog-com-3840 79 20 software software NN security-googleblog-com-3840 79 21 or or CC security-googleblog-com-3840 79 22 intervening intervening NN security-googleblog-com-3840 79 23 packages package NNS security-googleblog-com-3840 79 24 request request VBP security-googleblog-com-3840 79 25 1.2 1.2 CD security-googleblog-com-3840 79 26 . . . security-googleblog-com-3840 80 1 We -PRON- PRP security-googleblog-com-3840 80 2 see see VBP security-googleblog-com-3840 80 3 this this DT security-googleblog-com-3840 80 4 situation situation NN security-googleblog-com-3840 80 5 often often RB security-googleblog-com-3840 80 6 , , , security-googleblog-com-3840 80 7 and and CC security-googleblog-com-3840 80 8 it -PRON- PRP security-googleblog-com-3840 80 9 remains remain VBZ security-googleblog-com-3840 80 10 a a DT security-googleblog-com-3840 80 11 big big JJ security-googleblog-com-3840 80 12 challenge challenge NN security-googleblog-com-3840 80 13 that that WDT security-googleblog-com-3840 80 14 is be VBZ security-googleblog-com-3840 80 15 made make VBN security-googleblog-com-3840 80 16 even even RB security-googleblog-com-3840 80 17 harder hard RBR security-googleblog-com-3840 80 18 by by IN security-googleblog-com-3840 80 19 the the DT security-googleblog-com-3840 80 20 difficulty difficulty NN security-googleblog-com-3840 80 21 of of IN security-googleblog-com-3840 80 22 getting get VBG security-googleblog-com-3840 80 23 owners owner NNS security-googleblog-com-3840 80 24 to to TO security-googleblog-com-3840 80 25 update update VB security-googleblog-com-3840 80 26 intervening intervening NN security-googleblog-com-3840 80 27 packages package NNS security-googleblog-com-3840 80 28 . . . security-googleblog-com-3840 81 1 Moreover moreover RB security-googleblog-com-3840 81 2 , , , security-googleblog-com-3840 81 3 if if IN security-googleblog-com-3840 81 4 you -PRON- PRP security-googleblog-com-3840 81 5 use use VBP security-googleblog-com-3840 81 6 a a DT security-googleblog-com-3840 81 7 package package NN security-googleblog-com-3840 81 8 in in IN security-googleblog-com-3840 81 9 a a DT security-googleblog-com-3840 81 10 thousand thousand CD security-googleblog-com-3840 81 11 places place NNS security-googleblog-com-3840 81 12 , , , security-googleblog-com-3840 81 13 which which WDT security-googleblog-com-3840 81 14 is be VBZ security-googleblog-com-3840 81 15 not not RB security-googleblog-com-3840 81 16 crazy crazy JJ security-googleblog-com-3840 81 17 for for IN security-googleblog-com-3840 81 18 a a DT security-googleblog-com-3840 81 19 big big JJ security-googleblog-com-3840 81 20 enterprise enterprise NN security-googleblog-com-3840 81 21 , , , security-googleblog-com-3840 81 22 you -PRON- PRP security-googleblog-com-3840 81 23 might may MD security-googleblog-com-3840 81 24 need need VB security-googleblog-com-3840 81 25 to to TO security-googleblog-com-3840 81 26 go go VB security-googleblog-com-3840 81 27 through through IN security-googleblog-com-3840 81 28 the the DT security-googleblog-com-3840 81 29 update update NN security-googleblog-com-3840 81 30 process process NN security-googleblog-com-3840 81 31 a a DT security-googleblog-com-3840 81 32 thousand thousand CD security-googleblog-com-3840 81 33 times time NNS security-googleblog-com-3840 81 34 . . . security-googleblog-com-3840 82 1 Goal goal NN security-googleblog-com-3840 82 2 : : : security-googleblog-com-3840 82 3 Fix fix VB security-googleblog-com-3840 82 4 the the DT security-googleblog-com-3840 82 5 Widely widely RB security-googleblog-com-3840 82 6 Used use VBN security-googleblog-com-3840 82 7 Versions version NNS security-googleblog-com-3840 82 8 It -PRON- PRP security-googleblog-com-3840 82 9 ’s ’ VBZ security-googleblog-com-3840 82 10 also also RB security-googleblog-com-3840 82 11 important important JJ security-googleblog-com-3840 82 12 to to TO security-googleblog-com-3840 82 13 fix fix VB security-googleblog-com-3840 82 14 the the DT security-googleblog-com-3840 82 15 vulnerability vulnerability NN security-googleblog-com-3840 82 16 in in IN security-googleblog-com-3840 82 17 the the DT security-googleblog-com-3840 82 18 older old JJR security-googleblog-com-3840 82 19 versions version NNS security-googleblog-com-3840 82 20 , , , security-googleblog-com-3840 82 21 especially especially RB security-googleblog-com-3840 82 22 those those DT security-googleblog-com-3840 82 23 in in IN security-googleblog-com-3840 82 24 heavy heavy JJ security-googleblog-com-3840 82 25 use use NN security-googleblog-com-3840 82 26 . . . security-googleblog-com-3840 83 1 Such such JJ security-googleblog-com-3840 83 2 repair repair NN security-googleblog-com-3840 83 3 is be VBZ security-googleblog-com-3840 83 4 common common JJ security-googleblog-com-3840 83 5 practice practice NN security-googleblog-com-3840 83 6 for for IN security-googleblog-com-3840 83 7 the the DT security-googleblog-com-3840 83 8 subset subset NN security-googleblog-com-3840 83 9 of of IN security-googleblog-com-3840 83 10 software software NN security-googleblog-com-3840 83 11 that that WDT security-googleblog-com-3840 83 12 has have VBZ security-googleblog-com-3840 83 13 long long JJ security-googleblog-com-3840 83 14 - - HYPH security-googleblog-com-3840 83 15 term term NN security-googleblog-com-3840 83 16 support support NN security-googleblog-com-3840 83 17 , , , security-googleblog-com-3840 83 18 but but CC security-googleblog-com-3840 83 19 ideally ideally RB security-googleblog-com-3840 83 20 all all DT security-googleblog-com-3840 83 21 widely widely RB security-googleblog-com-3840 83 22 used use VBN security-googleblog-com-3840 83 23 versions version NNS security-googleblog-com-3840 83 24 should should MD security-googleblog-com-3840 83 25 be be VB security-googleblog-com-3840 83 26 fixed fix VBN security-googleblog-com-3840 83 27 , , , security-googleblog-com-3840 83 28 especially especially RB security-googleblog-com-3840 83 29 for for IN security-googleblog-com-3840 83 30 security security NN security-googleblog-com-3840 83 31 risks risk NNS security-googleblog-com-3840 83 32 . . . security-googleblog-com-3840 84 1 Automation automation NN security-googleblog-com-3840 84 2 could could MD security-googleblog-com-3840 84 3 help help VB security-googleblog-com-3840 84 4 : : : security-googleblog-com-3840 84 5 given give VBN security-googleblog-com-3840 84 6 a a DT security-googleblog-com-3840 84 7 fix fix NN security-googleblog-com-3840 84 8 for for IN security-googleblog-com-3840 84 9 one one CD security-googleblog-com-3840 84 10 version version NN security-googleblog-com-3840 84 11 , , , security-googleblog-com-3840 84 12 perhaps perhaps RB security-googleblog-com-3840 84 13 we -PRON- PRP security-googleblog-com-3840 84 14 can can MD security-googleblog-com-3840 84 15 generate generate VB security-googleblog-com-3840 84 16 good good JJ security-googleblog-com-3840 84 17 candidate candidate NN security-googleblog-com-3840 84 18 fixes fix NNS security-googleblog-com-3840 84 19 for for IN security-googleblog-com-3840 84 20 other other JJ security-googleblog-com-3840 84 21 versions version NNS security-googleblog-com-3840 84 22 . . . security-googleblog-com-3840 85 1 This this DT security-googleblog-com-3840 85 2 process process NN security-googleblog-com-3840 85 3 is be VBZ security-googleblog-com-3840 85 4 sometimes sometimes RB security-googleblog-com-3840 85 5 done do VBN security-googleblog-com-3840 85 6 by by IN security-googleblog-com-3840 85 7 hand hand NN security-googleblog-com-3840 85 8 today today NN security-googleblog-com-3840 85 9 , , , security-googleblog-com-3840 85 10 but but CC security-googleblog-com-3840 85 11 if if IN security-googleblog-com-3840 85 12 we -PRON- PRP security-googleblog-com-3840 85 13 can can MD security-googleblog-com-3840 85 14 make make VB security-googleblog-com-3840 85 15 it -PRON- PRP security-googleblog-com-3840 85 16 significantly significantly RB security-googleblog-com-3840 85 17 easier easy JJR security-googleblog-com-3840 85 18 , , , security-googleblog-com-3840 85 19 more more JJR security-googleblog-com-3840 85 20 versions version NNS security-googleblog-com-3840 85 21 will will MD security-googleblog-com-3840 85 22 actually actually RB security-googleblog-com-3840 85 23 get get VB security-googleblog-com-3840 85 24 patched patch VBN security-googleblog-com-3840 85 25 , , , security-googleblog-com-3840 85 26 and and CC security-googleblog-com-3840 85 27 there there EX security-googleblog-com-3840 85 28 will will MD security-googleblog-com-3840 85 29 be be VB security-googleblog-com-3840 85 30 less less JJR security-googleblog-com-3840 85 31 work work NN security-googleblog-com-3840 85 32 to to TO security-googleblog-com-3840 85 33 do do VB security-googleblog-com-3840 85 34 higher high JJR security-googleblog-com-3840 85 35 in in IN security-googleblog-com-3840 85 36 the the DT security-googleblog-com-3840 85 37 chain chain NN security-googleblog-com-3840 85 38 . . . security-googleblog-com-3840 86 1 To to TO security-googleblog-com-3840 86 2 summarize summarize VB security-googleblog-com-3840 86 3 , , , security-googleblog-com-3840 86 4 we -PRON- PRP security-googleblog-com-3840 86 5 need need VBP security-googleblog-com-3840 86 6 ways way NNS security-googleblog-com-3840 86 7 to to TO security-googleblog-com-3840 86 8 make make VB security-googleblog-com-3840 86 9 fixing fixing NN security-googleblog-com-3840 86 10 vulnerabilities vulnerability NNS security-googleblog-com-3840 86 11 , , , security-googleblog-com-3840 86 12 especially especially RB security-googleblog-com-3840 86 13 in in IN security-googleblog-com-3840 86 14 dependencies dependency NNS security-googleblog-com-3840 86 15 , , , security-googleblog-com-3840 86 16 both both CC security-googleblog-com-3840 86 17 easier easy JJR security-googleblog-com-3840 86 18 and and CC security-googleblog-com-3840 86 19 more more RBR security-googleblog-com-3840 86 20 timely timely JJ security-googleblog-com-3840 86 21 . . . security-googleblog-com-3840 87 1 We -PRON- PRP security-googleblog-com-3840 87 2 need need VBP security-googleblog-com-3840 87 3 to to TO security-googleblog-com-3840 87 4 increase increase VB security-googleblog-com-3840 87 5 the the DT security-googleblog-com-3840 87 6 chance chance NN security-googleblog-com-3840 87 7 that that IN security-googleblog-com-3840 87 8 there there EX security-googleblog-com-3840 87 9 is be VBZ security-googleblog-com-3840 87 10 a a DT security-googleblog-com-3840 87 11 fix fix NN security-googleblog-com-3840 87 12 for for IN security-googleblog-com-3840 87 13 widely widely RB security-googleblog-com-3840 87 14 used use VBN security-googleblog-com-3840 87 15 versions version NNS security-googleblog-com-3840 87 16 and and CC security-googleblog-com-3840 87 17 not not RB security-googleblog-com-3840 87 18 just just RB security-googleblog-com-3840 87 19 for for IN security-googleblog-com-3840 87 20 the the DT security-googleblog-com-3840 87 21 latest late JJS security-googleblog-com-3840 87 22 version version NN security-googleblog-com-3840 87 23 , , , security-googleblog-com-3840 87 24 which which WDT security-googleblog-com-3840 87 25 is be VBZ security-googleblog-com-3840 87 26 often often RB security-googleblog-com-3840 87 27 hard hard JJ security-googleblog-com-3840 87 28 to to TO security-googleblog-com-3840 87 29 adopt adopt VB security-googleblog-com-3840 87 30 due due IN security-googleblog-com-3840 87 31 to to IN security-googleblog-com-3840 87 32 the the DT security-googleblog-com-3840 87 33 other other JJ security-googleblog-com-3840 87 34 changes change NNS security-googleblog-com-3840 87 35 it -PRON- PRP security-googleblog-com-3840 87 36 includes include VBZ security-googleblog-com-3840 87 37 . . . security-googleblog-com-3840 88 1 Finally finally RB security-googleblog-com-3840 88 2 , , , security-googleblog-com-3840 88 3 there there EX security-googleblog-com-3840 88 4 are be VBP security-googleblog-com-3840 88 5 many many JJ security-googleblog-com-3840 88 6 other other JJ security-googleblog-com-3840 88 7 options option NNS security-googleblog-com-3840 88 8 on on IN security-googleblog-com-3840 88 9 the the DT security-googleblog-com-3840 88 10 “ " `` security-googleblog-com-3840 88 11 fixing fixing NN security-googleblog-com-3840 88 12 ” " '' security-googleblog-com-3840 88 13 front front NN security-googleblog-com-3840 88 14 , , , security-googleblog-com-3840 88 15 including include VBG security-googleblog-com-3840 88 16 various various JJ security-googleblog-com-3840 88 17 kinds kind NNS security-googleblog-com-3840 88 18 of of IN security-googleblog-com-3840 88 19 mitigations mitigation NNS security-googleblog-com-3840 88 20 , , , security-googleblog-com-3840 88 21 such such JJ security-googleblog-com-3840 88 22 as as IN security-googleblog-com-3840 88 23 avoiding avoid VBG security-googleblog-com-3840 88 24 certain certain JJ security-googleblog-com-3840 88 25 methods method NNS security-googleblog-com-3840 88 26 , , , security-googleblog-com-3840 88 27 or or CC security-googleblog-com-3840 88 28 limiting limit VBG security-googleblog-com-3840 88 29 risk risk NN security-googleblog-com-3840 88 30 through through IN security-googleblog-com-3840 88 31 sandboxes sandbox NNS security-googleblog-com-3840 88 32 or or CC security-googleblog-com-3840 88 33 access access NN security-googleblog-com-3840 88 34 controls control NNS security-googleblog-com-3840 88 35 . . . security-googleblog-com-3840 89 1 These these DT security-googleblog-com-3840 89 2 are be VBP security-googleblog-com-3840 89 3 important important JJ security-googleblog-com-3840 89 4 practical practical JJ security-googleblog-com-3840 89 5 options option NNS security-googleblog-com-3840 89 6 that that WDT security-googleblog-com-3840 89 7 need need VBP security-googleblog-com-3840 89 8 more more JJR security-googleblog-com-3840 89 9 discussion discussion NN security-googleblog-com-3840 89 10 and and CC security-googleblog-com-3840 89 11 support support NN security-googleblog-com-3840 89 12 . . . security-googleblog-com-3840 90 1 Prevention prevention NN security-googleblog-com-3840 90 2 for for IN security-googleblog-com-3840 90 3 Critical Critical NNP security-googleblog-com-3840 90 4 Software Software NNP security-googleblog-com-3840 90 5 The the DT security-googleblog-com-3840 90 6 framing framing NN security-googleblog-com-3840 90 7 above above RB security-googleblog-com-3840 90 8 applies apply VBZ security-googleblog-com-3840 90 9 broadly broadly RB security-googleblog-com-3840 90 10 to to IN security-googleblog-com-3840 90 11 vulnerabilities vulnerability NNS security-googleblog-com-3840 90 12 , , , security-googleblog-com-3840 90 13 regardless regardless RB security-googleblog-com-3840 90 14 of of IN security-googleblog-com-3840 90 15 whether whether IN security-googleblog-com-3840 90 16 they -PRON- PRP security-googleblog-com-3840 90 17 are be VBP security-googleblog-com-3840 90 18 due due JJ security-googleblog-com-3840 90 19 to to IN security-googleblog-com-3840 90 20 bad bad JJ security-googleblog-com-3840 90 21 actors actor NNS security-googleblog-com-3840 90 22 or or CC security-googleblog-com-3840 90 23 are be VBP security-googleblog-com-3840 90 24 merely merely RB security-googleblog-com-3840 90 25 innocent innocent JJ security-googleblog-com-3840 90 26 mistakes mistake NNS security-googleblog-com-3840 90 27 . . . security-googleblog-com-3840 91 1 Although although IN security-googleblog-com-3840 91 2 the the DT security-googleblog-com-3840 91 3 suggested suggest VBN security-googleblog-com-3840 91 4 goals goal NNS security-googleblog-com-3840 91 5 cover cover VBP security-googleblog-com-3840 91 6 most most JJS security-googleblog-com-3840 91 7 vulnerabilities vulnerability NNS security-googleblog-com-3840 91 8 , , , security-googleblog-com-3840 91 9 they -PRON- PRP security-googleblog-com-3840 91 10 are be VBP security-googleblog-com-3840 91 11 not not RB security-googleblog-com-3840 91 12 sufficient sufficient JJ security-googleblog-com-3840 91 13 to to TO security-googleblog-com-3840 91 14 prevent prevent VB security-googleblog-com-3840 91 15 malicious malicious JJ security-googleblog-com-3840 91 16 behavior behavior NN security-googleblog-com-3840 91 17 . . . security-googleblog-com-3840 92 1 To to TO security-googleblog-com-3840 92 2 have have VB security-googleblog-com-3840 92 3 a a DT security-googleblog-com-3840 92 4 meaningful meaningful JJ security-googleblog-com-3840 92 5 impact impact NN security-googleblog-com-3840 92 6 on on IN security-googleblog-com-3840 92 7 prevention prevention NN security-googleblog-com-3840 92 8 for for IN security-googleblog-com-3840 92 9 bad bad JJ security-googleblog-com-3840 92 10 actors actor NNS security-googleblog-com-3840 92 11 , , , security-googleblog-com-3840 92 12 including include VBG security-googleblog-com-3840 92 13 supply supply NN security-googleblog-com-3840 92 14 - - HYPH security-googleblog-com-3840 92 15 chain chain NN security-googleblog-com-3840 92 16 attacks attack NNS security-googleblog-com-3840 92 17 , , , security-googleblog-com-3840 92 18 we -PRON- PRP security-googleblog-com-3840 92 19 need need VBP security-googleblog-com-3840 92 20 to to TO security-googleblog-com-3840 92 21 improve improve VB security-googleblog-com-3840 92 22 the the DT security-googleblog-com-3840 92 23 processes process NNS security-googleblog-com-3840 92 24 used use VBN security-googleblog-com-3840 92 25 for for IN security-googleblog-com-3840 92 26 development development NN security-googleblog-com-3840 92 27 . . . security-googleblog-com-3840 93 1 This this DT security-googleblog-com-3840 93 2 is be VBZ security-googleblog-com-3840 93 3 a a DT security-googleblog-com-3840 93 4 big big JJ security-googleblog-com-3840 93 5 task task NN security-googleblog-com-3840 93 6 , , , security-googleblog-com-3840 93 7 and and CC security-googleblog-com-3840 93 8 currently currently RB security-googleblog-com-3840 93 9 unrealistic unrealistic JJ security-googleblog-com-3840 93 10 for for IN security-googleblog-com-3840 93 11 the the DT security-googleblog-com-3840 93 12 majority majority NN security-googleblog-com-3840 93 13 of of IN security-googleblog-com-3840 93 14 open open JJ security-googleblog-com-3840 93 15 source source NN security-googleblog-com-3840 93 16 . . . security-googleblog-com-3840 94 1 Part part NN security-googleblog-com-3840 94 2 of of IN security-googleblog-com-3840 94 3 the the DT security-googleblog-com-3840 94 4 beauty beauty NN security-googleblog-com-3840 94 5 of of IN security-googleblog-com-3840 94 6 open open JJ security-googleblog-com-3840 94 7 source source NN security-googleblog-com-3840 94 8 is be VBZ security-googleblog-com-3840 94 9 its -PRON- PRP$ security-googleblog-com-3840 94 10 lack lack NN security-googleblog-com-3840 94 11 of of IN security-googleblog-com-3840 94 12 constraints constraint NNS security-googleblog-com-3840 94 13 on on IN security-googleblog-com-3840 94 14 the the DT security-googleblog-com-3840 94 15 process process NN security-googleblog-com-3840 94 16 , , , security-googleblog-com-3840 94 17 which which WDT security-googleblog-com-3840 94 18 encourages encourage VBZ security-googleblog-com-3840 94 19 a a DT security-googleblog-com-3840 94 20 wide wide JJ security-googleblog-com-3840 94 21 range range NN security-googleblog-com-3840 94 22 of of IN security-googleblog-com-3840 94 23 contributors contributor NNS security-googleblog-com-3840 94 24 . . . security-googleblog-com-3840 95 1 However however RB security-googleblog-com-3840 95 2 , , , security-googleblog-com-3840 95 3 that that DT security-googleblog-com-3840 95 4 flexibility flexibility NN security-googleblog-com-3840 95 5 can can MD security-googleblog-com-3840 95 6 hinder hinder VB security-googleblog-com-3840 95 7 security security NN security-googleblog-com-3840 95 8 considerations consideration NNS security-googleblog-com-3840 95 9 . . . security-googleblog-com-3840 96 1 We -PRON- PRP security-googleblog-com-3840 96 2 want want VBP security-googleblog-com-3840 96 3 contributors contributor NNS security-googleblog-com-3840 96 4 , , , security-googleblog-com-3840 96 5 but but CC security-googleblog-com-3840 96 6 we -PRON- PRP security-googleblog-com-3840 96 7 can can MD security-googleblog-com-3840 96 8 not not RB security-googleblog-com-3840 96 9 expect expect VB security-googleblog-com-3840 96 10 everyone everyone NN security-googleblog-com-3840 96 11 to to TO security-googleblog-com-3840 96 12 be be VB security-googleblog-com-3840 96 13 equally equally RB security-googleblog-com-3840 96 14 focused focused JJ security-googleblog-com-3840 96 15 on on IN security-googleblog-com-3840 96 16 security security NN security-googleblog-com-3840 96 17 . . . security-googleblog-com-3840 97 1 Instead instead RB security-googleblog-com-3840 97 2 , , , security-googleblog-com-3840 97 3 we -PRON- PRP security-googleblog-com-3840 97 4 must must MD security-googleblog-com-3840 97 5 identify identify VB security-googleblog-com-3840 97 6 critical critical JJ security-googleblog-com-3840 97 7 packages package NNS security-googleblog-com-3840 97 8 and and CC security-googleblog-com-3840 97 9 protect protect VB security-googleblog-com-3840 97 10 them -PRON- PRP security-googleblog-com-3840 97 11 . . . security-googleblog-com-3840 98 1 Such such JJ security-googleblog-com-3840 98 2 critical critical JJ security-googleblog-com-3840 98 3 packages package NNS security-googleblog-com-3840 98 4 must must MD security-googleblog-com-3840 98 5 be be VB security-googleblog-com-3840 98 6 held hold VBN security-googleblog-com-3840 98 7 to to IN security-googleblog-com-3840 98 8 a a DT security-googleblog-com-3840 98 9 range range NN security-googleblog-com-3840 98 10 of of IN security-googleblog-com-3840 98 11 higher high JJR security-googleblog-com-3840 98 12 development development NN security-googleblog-com-3840 98 13 standards standard NNS security-googleblog-com-3840 98 14 , , , security-googleblog-com-3840 98 15 even even RB security-googleblog-com-3840 98 16 though though IN security-googleblog-com-3840 98 17 that that DT security-googleblog-com-3840 98 18 might may MD security-googleblog-com-3840 98 19 add add VB security-googleblog-com-3840 98 20 developer developer NN security-googleblog-com-3840 98 21 friction friction NN security-googleblog-com-3840 98 22 . . . security-googleblog-com-3840 99 1 Goal goal NN security-googleblog-com-3840 99 2 : : : security-googleblog-com-3840 99 3 Define define VB security-googleblog-com-3840 99 4 Criteria Criteria NNP security-googleblog-com-3840 99 5 for for IN security-googleblog-com-3840 99 6 “ " `` security-googleblog-com-3840 99 7 Critical critical JJ security-googleblog-com-3840 99 8 ” " '' security-googleblog-com-3840 99 9 Open Open NNP security-googleblog-com-3840 99 10 Source source NN security-googleblog-com-3840 99 11 Projects project NNS security-googleblog-com-3840 99 12 that that WDT security-googleblog-com-3840 99 13 Merit Merit NNP security-googleblog-com-3840 99 14 Higher high JJR security-googleblog-com-3840 99 15 Standards Standards NNPS security-googleblog-com-3840 99 16 It -PRON- PRP security-googleblog-com-3840 99 17 is be VBZ security-googleblog-com-3840 99 18 important important JJ security-googleblog-com-3840 99 19 to to TO security-googleblog-com-3840 99 20 identify identify VB security-googleblog-com-3840 99 21 the the DT security-googleblog-com-3840 99 22 “ " `` security-googleblog-com-3840 99 23 critical critical JJ security-googleblog-com-3840 99 24 ” " '' security-googleblog-com-3840 99 25 packages package NNS security-googleblog-com-3840 99 26 that that WDT security-googleblog-com-3840 99 27 we -PRON- PRP security-googleblog-com-3840 99 28 all all DT security-googleblog-com-3840 99 29 depend depend VBP security-googleblog-com-3840 99 30 upon upon IN security-googleblog-com-3840 99 31 and and CC security-googleblog-com-3840 99 32 whose whose WP$ security-googleblog-com-3840 99 33 compromise compromise NN security-googleblog-com-3840 99 34 would would MD security-googleblog-com-3840 99 35 endanger endanger VB security-googleblog-com-3840 99 36 critical critical JJ security-googleblog-com-3840 99 37 infrastructure infrastructure NN security-googleblog-com-3840 99 38 or or CC security-googleblog-com-3840 99 39 user user NN security-googleblog-com-3840 99 40 privacy privacy NN security-googleblog-com-3840 99 41 . . . security-googleblog-com-3840 100 1 These these DT security-googleblog-com-3840 100 2 packages package NNS security-googleblog-com-3840 100 3 need need VBP security-googleblog-com-3840 100 4 to to TO security-googleblog-com-3840 100 5 be be VB security-googleblog-com-3840 100 6 held hold VBN security-googleblog-com-3840 100 7 to to IN security-googleblog-com-3840 100 8 higher high JJR security-googleblog-com-3840 100 9 standards standard NNS security-googleblog-com-3840 100 10 , , , security-googleblog-com-3840 100 11 some some DT security-googleblog-com-3840 100 12 of of IN security-googleblog-com-3840 100 13 which which WDT security-googleblog-com-3840 100 14 we -PRON- PRP security-googleblog-com-3840 100 15 outline outline VBP security-googleblog-com-3840 100 16 below below RB security-googleblog-com-3840 100 17 . . . security-googleblog-com-3840 101 1 It -PRON- PRP security-googleblog-com-3840 101 2 is be VBZ security-googleblog-com-3840 101 3 not not RB security-googleblog-com-3840 101 4 obvious obvious JJ security-googleblog-com-3840 101 5 how how WRB security-googleblog-com-3840 101 6 to to TO security-googleblog-com-3840 101 7 define define VB security-googleblog-com-3840 101 8 “ " `` security-googleblog-com-3840 101 9 critical critical JJ security-googleblog-com-3840 101 10 ” " '' security-googleblog-com-3840 101 11 and and CC security-googleblog-com-3840 101 12 the the DT security-googleblog-com-3840 101 13 definition definition NN security-googleblog-com-3840 101 14 will will MD security-googleblog-com-3840 101 15 likely likely RB security-googleblog-com-3840 101 16 expand expand VB security-googleblog-com-3840 101 17 over over IN security-googleblog-com-3840 101 18 time time NN security-googleblog-com-3840 101 19 . . . security-googleblog-com-3840 102 1 Beyond beyond IN security-googleblog-com-3840 102 2 obvious obvious JJ security-googleblog-com-3840 102 3 software software NN security-googleblog-com-3840 102 4 , , , security-googleblog-com-3840 102 5 such such JJ security-googleblog-com-3840 102 6 as as IN security-googleblog-com-3840 102 7 OpenSSL openssl NN security-googleblog-com-3840 102 8 or or CC security-googleblog-com-3840 102 9 key key JJ security-googleblog-com-3840 102 10 cryptographic cryptographic JJ security-googleblog-com-3840 102 11 libraries library NNS security-googleblog-com-3840 102 12 , , , security-googleblog-com-3840 102 13 there there EX security-googleblog-com-3840 102 14 are be VBP security-googleblog-com-3840 102 15 widely widely RB security-googleblog-com-3840 102 16 used use VBN security-googleblog-com-3840 102 17 packages package NNS security-googleblog-com-3840 102 18 where where WRB security-googleblog-com-3840 102 19 their -PRON- PRP$ security-googleblog-com-3840 102 20 sheer sheer JJ security-googleblog-com-3840 102 21 reach reach NN security-googleblog-com-3840 102 22 makes make VBZ security-googleblog-com-3840 102 23 them -PRON- PRP security-googleblog-com-3840 102 24 worth worth JJ security-googleblog-com-3840 102 25 protecting protect VBG security-googleblog-com-3840 102 26 . . . security-googleblog-com-3840 103 1 We -PRON- PRP security-googleblog-com-3840 103 2 started start VBD security-googleblog-com-3840 103 3 the the DT security-googleblog-com-3840 103 4 Criticality Criticality NNP security-googleblog-com-3840 103 5 Score Score NNP security-googleblog-com-3840 103 6 project project NN security-googleblog-com-3840 103 7 to to TO security-googleblog-com-3840 103 8 brainstorm brainstorm VB security-googleblog-com-3840 103 9 this this DT security-googleblog-com-3840 103 10 problem problem NN security-googleblog-com-3840 103 11 with with IN security-googleblog-com-3840 103 12 the the DT security-googleblog-com-3840 103 13 community community NN security-googleblog-com-3840 103 14 , , , security-googleblog-com-3840 103 15 as as RB security-googleblog-com-3840 103 16 well well RB security-googleblog-com-3840 103 17 collaborating collaborate VBG security-googleblog-com-3840 103 18 with with IN security-googleblog-com-3840 103 19 Harvard Harvard NNP security-googleblog-com-3840 103 20 on on IN security-googleblog-com-3840 103 21 the the DT security-googleblog-com-3840 103 22 Open Open NNP security-googleblog-com-3840 103 23 Source Source NNP security-googleblog-com-3840 103 24 Census Census NNP security-googleblog-com-3840 103 25 efforts effort NNS security-googleblog-com-3840 103 26 . . . security-googleblog-com-3840 104 1 Goal goal NN security-googleblog-com-3840 104 2 : : : security-googleblog-com-3840 104 3 No no DT security-googleblog-com-3840 104 4 Unilateral unilateral JJ security-googleblog-com-3840 104 5 Changes Changes NNPS security-googleblog-com-3840 104 6 to to IN security-googleblog-com-3840 104 7 Critical Critical NNP security-googleblog-com-3840 104 8 Software Software NNP security-googleblog-com-3840 104 9 One one CD security-googleblog-com-3840 104 10 principle principle NN security-googleblog-com-3840 104 11 that that WDT security-googleblog-com-3840 104 12 we -PRON- PRP security-googleblog-com-3840 104 13 follow follow VBP security-googleblog-com-3840 104 14 across across IN security-googleblog-com-3840 104 15 Google Google NNP security-googleblog-com-3840 104 16 is be VBZ security-googleblog-com-3840 104 17 that that IN security-googleblog-com-3840 104 18 changes change NNS security-googleblog-com-3840 104 19 should should MD security-googleblog-com-3840 104 20 not not RB security-googleblog-com-3840 104 21 be be VB security-googleblog-com-3840 104 22 unilateral unilateral JJ security-googleblog-com-3840 104 23 — — : security-googleblog-com-3840 104 24 that that RB security-googleblog-com-3840 104 25 is is RB security-googleblog-com-3840 104 26 , , , security-googleblog-com-3840 104 27 every every DT security-googleblog-com-3840 104 28 change change NN security-googleblog-com-3840 104 29 involves involve VBZ security-googleblog-com-3840 104 30 at at IN security-googleblog-com-3840 104 31 least least JJS security-googleblog-com-3840 104 32 an an DT security-googleblog-com-3840 104 33 author author NN security-googleblog-com-3840 104 34 and and CC security-googleblog-com-3840 104 35 a a DT security-googleblog-com-3840 104 36 reviewer reviewer NN security-googleblog-com-3840 104 37 or or CC security-googleblog-com-3840 104 38 approver approver NN security-googleblog-com-3840 104 39 . . . security-googleblog-com-3840 105 1 The the DT security-googleblog-com-3840 105 2 goal goal NN security-googleblog-com-3840 105 3 is be VBZ security-googleblog-com-3840 105 4 to to TO security-googleblog-com-3840 105 5 limit limit VB security-googleblog-com-3840 105 6 what what WP security-googleblog-com-3840 105 7 an an DT security-googleblog-com-3840 105 8 adversary adversary NN security-googleblog-com-3840 105 9 can can MD security-googleblog-com-3840 105 10 do do VB security-googleblog-com-3840 105 11 on on IN security-googleblog-com-3840 105 12 their -PRON- PRP$ security-googleblog-com-3840 105 13 own own JJ security-googleblog-com-3840 105 14 — — : security-googleblog-com-3840 105 15 we -PRON- PRP security-googleblog-com-3840 105 16 need need VBP security-googleblog-com-3840 105 17 to to TO security-googleblog-com-3840 105 18 make make VB security-googleblog-com-3840 105 19 sure sure JJ security-googleblog-com-3840 105 20 someone someone NN security-googleblog-com-3840 105 21 is be VBZ security-googleblog-com-3840 105 22 actually actually RB security-googleblog-com-3840 105 23 looking look VBG security-googleblog-com-3840 105 24 at at IN security-googleblog-com-3840 105 25 the the DT security-googleblog-com-3840 105 26 changes change NNS security-googleblog-com-3840 105 27 . . . security-googleblog-com-3840 106 1 To to TO security-googleblog-com-3840 106 2 do do VB security-googleblog-com-3840 106 3 this this DT security-googleblog-com-3840 106 4 well well RB security-googleblog-com-3840 106 5 for for IN security-googleblog-com-3840 106 6 open open JJ security-googleblog-com-3840 106 7 source source NN security-googleblog-com-3840 106 8 is be VBZ security-googleblog-com-3840 106 9 actually actually RB security-googleblog-com-3840 106 10 quite quite PDT security-googleblog-com-3840 106 11 a a DT security-googleblog-com-3840 106 12 bit bit NN security-googleblog-com-3840 106 13 harder hard RBR security-googleblog-com-3840 106 14 than than IN security-googleblog-com-3840 106 15 just just RB security-googleblog-com-3840 106 16 within within IN security-googleblog-com-3840 106 17 a a DT security-googleblog-com-3840 106 18 single single JJ security-googleblog-com-3840 106 19 company company NN security-googleblog-com-3840 106 20 , , , security-googleblog-com-3840 106 21 which which WDT security-googleblog-com-3840 106 22 can can MD security-googleblog-com-3840 106 23 have have VB security-googleblog-com-3840 106 24 strong strong JJ security-googleblog-com-3840 106 25 authentication authentication NN security-googleblog-com-3840 106 26 and and CC security-googleblog-com-3840 106 27 enforce enforce VB security-googleblog-com-3840 106 28 code code NN security-googleblog-com-3840 106 29 reviews review NNS security-googleblog-com-3840 106 30 and and CC security-googleblog-com-3840 106 31 other other JJ security-googleblog-com-3840 106 32 checks check NNS security-googleblog-com-3840 106 33 . . . security-googleblog-com-3840 107 1 Avoiding avoid VBG security-googleblog-com-3840 107 2 unilateral unilateral JJ security-googleblog-com-3840 107 3 changes change NNS security-googleblog-com-3840 107 4 can can MD security-googleblog-com-3840 107 5 be be VB security-googleblog-com-3840 107 6 broken break VBN security-googleblog-com-3840 107 7 down down RP security-googleblog-com-3840 107 8 into into IN security-googleblog-com-3840 107 9 two two CD security-googleblog-com-3840 107 10 sub sub NN security-googleblog-com-3840 107 11 - - JJ security-googleblog-com-3840 107 12 goals goal NNS security-googleblog-com-3840 107 13 : : : security-googleblog-com-3840 107 14 Goal goal NN security-googleblog-com-3840 107 15 : : : security-googleblog-com-3840 107 16 Require Require NNP security-googleblog-com-3840 107 17 Code Code NNP security-googleblog-com-3840 107 18 Review Review NNP security-googleblog-com-3840 107 19 for for IN security-googleblog-com-3840 107 20 Critical Critical NNP security-googleblog-com-3840 107 21 Software Software NNP security-googleblog-com-3840 107 22 Besides besides IN security-googleblog-com-3840 107 23 being be VBG security-googleblog-com-3840 107 24 a a DT security-googleblog-com-3840 107 25 great great JJ security-googleblog-com-3840 107 26 process process NN security-googleblog-com-3840 107 27 for for IN security-googleblog-com-3840 107 28 improving improve VBG security-googleblog-com-3840 107 29 code code NN security-googleblog-com-3840 107 30 , , , security-googleblog-com-3840 107 31 reviews review NNS security-googleblog-com-3840 107 32 ensure ensure VBP security-googleblog-com-3840 107 33 that that IN security-googleblog-com-3840 107 34 at at RB security-googleblog-com-3840 107 35 least least RBS security-googleblog-com-3840 107 36 one one CD security-googleblog-com-3840 107 37 person person NN security-googleblog-com-3840 107 38 other other JJ security-googleblog-com-3840 107 39 than than IN security-googleblog-com-3840 107 40 the the DT security-googleblog-com-3840 107 41 author author NN security-googleblog-com-3840 107 42 is be VBZ security-googleblog-com-3840 107 43 looking look VBG security-googleblog-com-3840 107 44 at at IN security-googleblog-com-3840 107 45 every every DT security-googleblog-com-3840 107 46 change change NN security-googleblog-com-3840 107 47 . . . security-googleblog-com-3840 108 1 Code code NN security-googleblog-com-3840 108 2 reviews review NNS security-googleblog-com-3840 108 3 are be VBP security-googleblog-com-3840 108 4 a a DT security-googleblog-com-3840 108 5 standard standard JJ security-googleblog-com-3840 108 6 practice practice NN security-googleblog-com-3840 108 7 for for IN security-googleblog-com-3840 108 8 all all DT security-googleblog-com-3840 108 9 changes change NNS security-googleblog-com-3840 108 10 within within IN security-googleblog-com-3840 108 11 Google Google NNP security-googleblog-com-3840 108 12 . . . security-googleblog-com-3840 109 1 Goal goal NN security-googleblog-com-3840 109 2 : : : security-googleblog-com-3840 109 3 Changes change NNS security-googleblog-com-3840 109 4 to to IN security-googleblog-com-3840 109 5 Critical Critical NNP security-googleblog-com-3840 109 6 Software software NN security-googleblog-com-3840 109 7 Require require VBP security-googleblog-com-3840 109 8 Approval approval NN security-googleblog-com-3840 109 9 by by IN security-googleblog-com-3840 109 10 Two two CD security-googleblog-com-3840 109 11 Independent Independent NNP security-googleblog-com-3840 109 12 Parties Parties NNPS security-googleblog-com-3840 109 13 To to TO security-googleblog-com-3840 109 14 really really RB security-googleblog-com-3840 109 15 achieve achieve VB security-googleblog-com-3840 109 16 the the DT security-googleblog-com-3840 109 17 “ " `` security-googleblog-com-3840 109 18 someone someone NN security-googleblog-com-3840 109 19 is be VBZ security-googleblog-com-3840 109 20 looking look VBG security-googleblog-com-3840 109 21 ” " '' security-googleblog-com-3840 109 22 goal goal NN security-googleblog-com-3840 109 23 , , , security-googleblog-com-3840 109 24 we -PRON- PRP security-googleblog-com-3840 109 25 need need VBP security-googleblog-com-3840 109 26 the the DT security-googleblog-com-3840 109 27 reviewer reviewer NN security-googleblog-com-3840 109 28 to to TO security-googleblog-com-3840 109 29 be be VB security-googleblog-com-3840 109 30 independent independent JJ security-googleblog-com-3840 109 31 from from IN security-googleblog-com-3840 109 32 the the DT security-googleblog-com-3840 109 33 contributor contributor NN security-googleblog-com-3840 109 34 . . . security-googleblog-com-3840 110 1 And and CC security-googleblog-com-3840 110 2 for for IN security-googleblog-com-3840 110 3 critical critical JJ security-googleblog-com-3840 110 4 changes change NNS security-googleblog-com-3840 110 5 , , , security-googleblog-com-3840 110 6 we -PRON- PRP security-googleblog-com-3840 110 7 probably probably RB security-googleblog-com-3840 110 8 want want VBP security-googleblog-com-3840 110 9 more more JJR security-googleblog-com-3840 110 10 than than IN security-googleblog-com-3840 110 11 one one CD security-googleblog-com-3840 110 12 independent independent JJ security-googleblog-com-3840 110 13 review review NN security-googleblog-com-3840 110 14 . . . security-googleblog-com-3840 111 1 We -PRON- PRP security-googleblog-com-3840 111 2 need need VBP security-googleblog-com-3840 111 3 to to TO security-googleblog-com-3840 111 4 sort sort VB security-googleblog-com-3840 111 5 out out RP security-googleblog-com-3840 111 6 what what WP security-googleblog-com-3840 111 7 counts count VBZ security-googleblog-com-3840 111 8 as as IN security-googleblog-com-3840 111 9 “ " `` security-googleblog-com-3840 111 10 independent independent JJ security-googleblog-com-3840 111 11 ” " '' security-googleblog-com-3840 111 12 review review NN security-googleblog-com-3840 111 13 , , , security-googleblog-com-3840 111 14 of of IN security-googleblog-com-3840 111 15 course course NN security-googleblog-com-3840 111 16 , , , security-googleblog-com-3840 111 17 but but CC security-googleblog-com-3840 111 18 the the DT security-googleblog-com-3840 111 19 idea idea NN security-googleblog-com-3840 111 20 of of IN security-googleblog-com-3840 111 21 independence independence NN security-googleblog-com-3840 111 22 is be VBZ security-googleblog-com-3840 111 23 fundamental fundamental JJ security-googleblog-com-3840 111 24 to to IN security-googleblog-com-3840 111 25 reviews review NNS security-googleblog-com-3840 111 26 in in IN security-googleblog-com-3840 111 27 most most JJS security-googleblog-com-3840 111 28 industries industry NNS security-googleblog-com-3840 111 29 . . . security-googleblog-com-3840 112 1 Goal goal NN security-googleblog-com-3840 112 2 : : : security-googleblog-com-3840 112 3 Authentication authentication NN security-googleblog-com-3840 112 4 for for IN security-googleblog-com-3840 112 5 Participants participant NNS security-googleblog-com-3840 112 6 in in IN security-googleblog-com-3840 112 7 Critical Critical NNP security-googleblog-com-3840 112 8 Software Software NNP security-googleblog-com-3840 112 9 Any any DT security-googleblog-com-3840 112 10 notion notion NN security-googleblog-com-3840 112 11 of of IN security-googleblog-com-3840 112 12 independence independence NN security-googleblog-com-3840 112 13 also also RB security-googleblog-com-3840 112 14 implies imply VBZ security-googleblog-com-3840 112 15 that that IN security-googleblog-com-3840 112 16 you -PRON- PRP security-googleblog-com-3840 112 17 know know VBP security-googleblog-com-3840 112 18 the the DT security-googleblog-com-3840 112 19 actors actor NNS security-googleblog-com-3840 112 20 — — : security-googleblog-com-3840 112 21 an an DT security-googleblog-com-3840 112 22 anonymous anonymous JJ security-googleblog-com-3840 112 23 actor actor NN security-googleblog-com-3840 112 24 can can MD security-googleblog-com-3840 112 25 not not RB security-googleblog-com-3840 112 26 be be VB security-googleblog-com-3840 112 27 assumed assume VBN security-googleblog-com-3840 112 28 to to TO security-googleblog-com-3840 112 29 be be VB security-googleblog-com-3840 112 30 independent independent JJ security-googleblog-com-3840 112 31 or or CC security-googleblog-com-3840 112 32 trustworthy trustworthy JJ security-googleblog-com-3840 112 33 . . . security-googleblog-com-3840 113 1 Today today NN security-googleblog-com-3840 113 2 , , , security-googleblog-com-3840 113 3 we -PRON- PRP security-googleblog-com-3840 113 4 essentially essentially RB security-googleblog-com-3840 113 5 have have VBP security-googleblog-com-3840 113 6 pseudonyms pseudonyms NN security-googleblog-com-3840 113 7 : : : security-googleblog-com-3840 113 8 the the DT security-googleblog-com-3840 113 9 same same JJ security-googleblog-com-3840 113 10 person person NN security-googleblog-com-3840 113 11 uses use VBZ security-googleblog-com-3840 113 12 an an DT security-googleblog-com-3840 113 13 identity identity NN security-googleblog-com-3840 113 14 repeatedly repeatedly RB security-googleblog-com-3840 113 15 and and CC security-googleblog-com-3840 113 16 thus thus RB security-googleblog-com-3840 113 17 can can MD security-googleblog-com-3840 113 18 have have VB security-googleblog-com-3840 113 19 a a DT security-googleblog-com-3840 113 20 reputation reputation NN security-googleblog-com-3840 113 21 , , , security-googleblog-com-3840 113 22 but but CC security-googleblog-com-3840 113 23 we -PRON- PRP security-googleblog-com-3840 113 24 do do VBP security-googleblog-com-3840 113 25 n’t not RB security-googleblog-com-3840 113 26 always always RB security-googleblog-com-3840 113 27 know know VB security-googleblog-com-3840 113 28 the the DT security-googleblog-com-3840 113 29 individual individual NN security-googleblog-com-3840 113 30 ’s ’s POS security-googleblog-com-3840 113 31 trustworthiness trustworthiness NN security-googleblog-com-3840 113 32 . . . security-googleblog-com-3840 114 1 This this DT security-googleblog-com-3840 114 2 leads lead VBZ security-googleblog-com-3840 114 3 to to IN security-googleblog-com-3840 114 4 a a DT security-googleblog-com-3840 114 5 range range NN security-googleblog-com-3840 114 6 of of IN security-googleblog-com-3840 114 7 subgoals subgoal NNS security-googleblog-com-3840 114 8 : : : security-googleblog-com-3840 114 9 Goal goal NN security-googleblog-com-3840 114 10 : : : security-googleblog-com-3840 114 11 For for IN security-googleblog-com-3840 114 12 Critical Critical NNP security-googleblog-com-3840 114 13 Software Software NNP security-googleblog-com-3840 114 14 , , , security-googleblog-com-3840 114 15 Owners Owners NNPS security-googleblog-com-3840 114 16 and and CC security-googleblog-com-3840 114 17 Maintainers Maintainers NNPS security-googleblog-com-3840 114 18 Can can MD security-googleblog-com-3840 114 19 not not RB security-googleblog-com-3840 114 20 be be VB security-googleblog-com-3840 114 21 Anonymous Anonymous NNP security-googleblog-com-3840 114 22 Attackers Attackers NNPS security-googleblog-com-3840 114 23 like like VBP security-googleblog-com-3840 114 24 to to TO security-googleblog-com-3840 114 25 have have VB security-googleblog-com-3840 114 26 anonymity anonymity NN security-googleblog-com-3840 114 27 . . . security-googleblog-com-3840 115 1 There there EX security-googleblog-com-3840 115 2 have have VBP security-googleblog-com-3840 115 3 been be VBN security-googleblog-com-3840 115 4 past past IN security-googleblog-com-3840 115 5 supply supply NN security-googleblog-com-3840 115 6 - - HYPH security-googleblog-com-3840 115 7 chain chain NN security-googleblog-com-3840 115 8 attacks attack NNS security-googleblog-com-3840 115 9 where where WRB security-googleblog-com-3840 115 10 attackers attacker NNS security-googleblog-com-3840 115 11 capitalized capitalize VBD security-googleblog-com-3840 115 12 on on IN security-googleblog-com-3840 115 13 anonymity anonymity NN security-googleblog-com-3840 115 14 and and CC security-googleblog-com-3840 115 15 worked work VBD security-googleblog-com-3840 115 16 their -PRON- PRP$ security-googleblog-com-3840 115 17 way way NN security-googleblog-com-3840 115 18 through through IN security-googleblog-com-3840 115 19 package package NN security-googleblog-com-3840 115 20 communities community NNS security-googleblog-com-3840 115 21 to to TO security-googleblog-com-3840 115 22 become become VB security-googleblog-com-3840 115 23 maintainers maintainer NNS security-googleblog-com-3840 115 24 , , , security-googleblog-com-3840 115 25 without without IN security-googleblog-com-3840 115 26 anyone anyone NN security-googleblog-com-3840 115 27 realizing realize VBG security-googleblog-com-3840 115 28 this this DT security-googleblog-com-3840 115 29 “ " `` security-googleblog-com-3840 115 30 new new NNP security-googleblog-com-3840 115 31 maintainer maintainer NN security-googleblog-com-3840 115 32 ” " '' security-googleblog-com-3840 115 33 had have VBD security-googleblog-com-3840 115 34 malicious malicious JJ security-googleblog-com-3840 115 35 intent intent NN security-googleblog-com-3840 115 36 ( ( -LRB- security-googleblog-com-3840 115 37 compromising compromise VBG security-googleblog-com-3840 115 38 source source NN security-googleblog-com-3840 115 39 code code NN security-googleblog-com-3840 115 40 was be VBD security-googleblog-com-3840 115 41 eventually eventually RB security-googleblog-com-3840 115 42 injected inject VBN security-googleblog-com-3840 115 43 upstream upstream NN security-googleblog-com-3840 115 44 ) ) -RRB- security-googleblog-com-3840 115 45 . . . security-googleblog-com-3840 116 1 To to TO security-googleblog-com-3840 116 2 mitigate mitigate VB security-googleblog-com-3840 116 3 this this DT security-googleblog-com-3840 116 4 risk risk NN security-googleblog-com-3840 116 5 , , , security-googleblog-com-3840 116 6 our -PRON- PRP$ security-googleblog-com-3840 116 7 view view NN security-googleblog-com-3840 116 8 is be VBZ security-googleblog-com-3840 116 9 that that IN security-googleblog-com-3840 116 10 owners owner NNS security-googleblog-com-3840 116 11 and and CC security-googleblog-com-3840 116 12 maintainers maintainer NNS security-googleblog-com-3840 116 13 of of IN security-googleblog-com-3840 116 14 critical critical JJ security-googleblog-com-3840 116 15 software software NN security-googleblog-com-3840 116 16 must must MD security-googleblog-com-3840 116 17 not not RB security-googleblog-com-3840 116 18 be be VB security-googleblog-com-3840 116 19 anonymous anonymous JJ security-googleblog-com-3840 116 20 . . . security-googleblog-com-3840 117 1 It -PRON- PRP security-googleblog-com-3840 117 2 is be VBZ security-googleblog-com-3840 117 3 conceivable conceivable JJ security-googleblog-com-3840 117 4 that that IN security-googleblog-com-3840 117 5 contributors contributor NNS security-googleblog-com-3840 117 6 , , , security-googleblog-com-3840 117 7 unlike unlike IN security-googleblog-com-3840 117 8 owners owner NNS security-googleblog-com-3840 117 9 and and CC security-googleblog-com-3840 117 10 maintainers maintainer NNS security-googleblog-com-3840 117 11 , , , security-googleblog-com-3840 117 12 could could MD security-googleblog-com-3840 117 13 be be VB security-googleblog-com-3840 117 14 anonymous anonymous JJ security-googleblog-com-3840 117 15 , , , security-googleblog-com-3840 117 16 but but CC security-googleblog-com-3840 117 17 only only RB security-googleblog-com-3840 117 18 if if IN security-googleblog-com-3840 117 19 their -PRON- PRP$ security-googleblog-com-3840 117 20 code code NN security-googleblog-com-3840 117 21 has have VBZ security-googleblog-com-3840 117 22 passed pass VBN security-googleblog-com-3840 117 23 multiple multiple JJ security-googleblog-com-3840 117 24 reviews review NNS security-googleblog-com-3840 117 25 by by IN security-googleblog-com-3840 117 26 trusted trusted JJ security-googleblog-com-3840 117 27 parties party NNS security-googleblog-com-3840 117 28 . . . security-googleblog-com-3840 118 1 It -PRON- PRP security-googleblog-com-3840 118 2 is be VBZ security-googleblog-com-3840 118 3 also also RB security-googleblog-com-3840 118 4 conceivable conceivable JJ security-googleblog-com-3840 118 5 that that IN security-googleblog-com-3840 118 6 we -PRON- PRP security-googleblog-com-3840 118 7 could could MD security-googleblog-com-3840 118 8 have have VB security-googleblog-com-3840 118 9 “ " `` security-googleblog-com-3840 118 10 verified verify VBN security-googleblog-com-3840 118 11 ” " '' security-googleblog-com-3840 118 12 identities identity NNS security-googleblog-com-3840 118 13 , , , security-googleblog-com-3840 118 14 in in IN security-googleblog-com-3840 118 15 which which WDT security-googleblog-com-3840 118 16 a a DT security-googleblog-com-3840 118 17 trusted trust VBN security-googleblog-com-3840 118 18 entity entity NN security-googleblog-com-3840 118 19 knows know VBZ security-googleblog-com-3840 118 20 the the DT security-googleblog-com-3840 118 21 real real JJ security-googleblog-com-3840 118 22 identity identity NN security-googleblog-com-3840 118 23 , , , security-googleblog-com-3840 118 24 but but CC security-googleblog-com-3840 118 25 for for IN security-googleblog-com-3840 118 26 privacy privacy NN security-googleblog-com-3840 118 27 reasons reason NNS security-googleblog-com-3840 118 28 the the DT security-googleblog-com-3840 118 29 public public NN security-googleblog-com-3840 118 30 does do VBZ security-googleblog-com-3840 118 31 not not RB security-googleblog-com-3840 118 32 . . . security-googleblog-com-3840 119 1 This this DT security-googleblog-com-3840 119 2 would would MD security-googleblog-com-3840 119 3 enable enable VB security-googleblog-com-3840 119 4 decisions decision NNS security-googleblog-com-3840 119 5 about about IN security-googleblog-com-3840 119 6 independence independence NN security-googleblog-com-3840 119 7 as as RB security-googleblog-com-3840 119 8 well well RB security-googleblog-com-3840 119 9 as as IN security-googleblog-com-3840 119 10 prosecution prosecution NN security-googleblog-com-3840 119 11 for for IN security-googleblog-com-3840 119 12 illegal illegal JJ security-googleblog-com-3840 119 13 behavior behavior NN security-googleblog-com-3840 119 14 . . . security-googleblog-com-3840 120 1 Goal goal NN security-googleblog-com-3840 120 2 : : : security-googleblog-com-3840 120 3 Strong strong JJ security-googleblog-com-3840 120 4 Authentication authentication NN security-googleblog-com-3840 120 5 for for IN security-googleblog-com-3840 120 6 Contributors contributor NNS security-googleblog-com-3840 120 7 of of IN security-googleblog-com-3840 120 8 Critical Critical NNP security-googleblog-com-3840 120 9 Software Software NNP security-googleblog-com-3840 120 10 Malicious malicious JJ security-googleblog-com-3840 120 11 actors actor NNS security-googleblog-com-3840 120 12 look look VBP security-googleblog-com-3840 120 13 for for IN security-googleblog-com-3840 120 14 easy easy JJ security-googleblog-com-3840 120 15 attack attack NN security-googleblog-com-3840 120 16 vectors vector NNS security-googleblog-com-3840 120 17 , , , security-googleblog-com-3840 120 18 so so RB security-googleblog-com-3840 120 19 phishing phishe VBG security-googleblog-com-3840 120 20 attacks attack NNS security-googleblog-com-3840 120 21 and and CC security-googleblog-com-3840 120 22 other other JJ security-googleblog-com-3840 120 23 forms form NNS security-googleblog-com-3840 120 24 of of IN security-googleblog-com-3840 120 25 theft theft NN security-googleblog-com-3840 120 26 related relate VBN security-googleblog-com-3840 120 27 to to IN security-googleblog-com-3840 120 28 credentials credential NNS security-googleblog-com-3840 120 29 are be VBP security-googleblog-com-3840 120 30 common common JJ security-googleblog-com-3840 120 31 . . . security-googleblog-com-3840 121 1 One one CD security-googleblog-com-3840 121 2 obvious obvious JJ security-googleblog-com-3840 121 3 improvement improvement NN security-googleblog-com-3840 121 4 would would MD security-googleblog-com-3840 121 5 be be VB security-googleblog-com-3840 121 6 the the DT security-googleblog-com-3840 121 7 required require VBN security-googleblog-com-3840 121 8 use use NN security-googleblog-com-3840 121 9 of of IN security-googleblog-com-3840 121 10 two two CD security-googleblog-com-3840 121 11 - - HYPH security-googleblog-com-3840 121 12 factor factor NN security-googleblog-com-3840 121 13 authentication authentication NN security-googleblog-com-3840 121 14 , , , security-googleblog-com-3840 121 15 especially especially RB security-googleblog-com-3840 121 16 for for IN security-googleblog-com-3840 121 17 owners owner NNS security-googleblog-com-3840 121 18 and and CC security-googleblog-com-3840 121 19 maintainers maintainer NNS security-googleblog-com-3840 121 20 . . . security-googleblog-com-3840 122 1 Goal goal NN security-googleblog-com-3840 122 2 : : : security-googleblog-com-3840 122 3 A a DT security-googleblog-com-3840 122 4 Federated Federated NNP security-googleblog-com-3840 122 5 Model Model NNP security-googleblog-com-3840 122 6 for for IN security-googleblog-com-3840 122 7 Identities Identities NNPS security-googleblog-com-3840 122 8 To to TO security-googleblog-com-3840 122 9 continue continue VB security-googleblog-com-3840 122 10 the the DT security-googleblog-com-3840 122 11 inclusive inclusive JJ security-googleblog-com-3840 122 12 nature nature NN security-googleblog-com-3840 122 13 of of IN security-googleblog-com-3840 122 14 open open JJ security-googleblog-com-3840 122 15 source source NN security-googleblog-com-3840 122 16 , , , security-googleblog-com-3840 122 17 we -PRON- PRP security-googleblog-com-3840 122 18 need need VBP security-googleblog-com-3840 122 19 to to TO security-googleblog-com-3840 122 20 be be VB security-googleblog-com-3840 122 21 able able JJ security-googleblog-com-3840 122 22 to to TO security-googleblog-com-3840 122 23 trust trust VB security-googleblog-com-3840 122 24 a a DT security-googleblog-com-3840 122 25 wide wide JJ security-googleblog-com-3840 122 26 range range NN security-googleblog-com-3840 122 27 of of IN security-googleblog-com-3840 122 28 identities identity NNS security-googleblog-com-3840 122 29 , , , security-googleblog-com-3840 122 30 but but CC security-googleblog-com-3840 122 31 still still RB security-googleblog-com-3840 122 32 with with IN security-googleblog-com-3840 122 33 verified verified JJ security-googleblog-com-3840 122 34 integrity integrity NN security-googleblog-com-3840 122 35 . . . security-googleblog-com-3840 123 1 This this DT security-googleblog-com-3840 123 2 implies imply VBZ security-googleblog-com-3840 123 3 a a DT security-googleblog-com-3840 123 4 federated federate VBN security-googleblog-com-3840 123 5 model model NN security-googleblog-com-3840 123 6 for for IN security-googleblog-com-3840 123 7 identities identity NNS security-googleblog-com-3840 123 8 , , , security-googleblog-com-3840 123 9 perhaps perhaps RB security-googleblog-com-3840 123 10 similar similar JJ security-googleblog-com-3840 123 11 to to IN security-googleblog-com-3840 123 12 how how WRB security-googleblog-com-3840 123 13 we -PRON- PRP security-googleblog-com-3840 123 14 support support VBP security-googleblog-com-3840 123 15 federated federate VBD security-googleblog-com-3840 123 16 SSL SSL NNP security-googleblog-com-3840 123 17 certificates certificate NNS security-googleblog-com-3840 123 18 today today NN security-googleblog-com-3840 123 19 — — : security-googleblog-com-3840 123 20 a a DT security-googleblog-com-3840 123 21 range range NN security-googleblog-com-3840 123 22 of of IN security-googleblog-com-3840 123 23 groups group NNS security-googleblog-com-3840 123 24 can can MD security-googleblog-com-3840 123 25 generate generate VB security-googleblog-com-3840 123 26 valid valid JJ security-googleblog-com-3840 123 27 certificates certificate NNS security-googleblog-com-3840 123 28 , , , security-googleblog-com-3840 123 29 but but CC security-googleblog-com-3840 123 30 with with IN security-googleblog-com-3840 123 31 strong strong JJ security-googleblog-com-3840 123 32 auditing auditing NN security-googleblog-com-3840 123 33 and and CC security-googleblog-com-3840 123 34 mutual mutual JJ security-googleblog-com-3840 123 35 oversight oversight NN security-googleblog-com-3840 123 36 . . . security-googleblog-com-3840 124 1 Discussions discussion NNS security-googleblog-com-3840 124 2 on on IN security-googleblog-com-3840 124 3 this this DT security-googleblog-com-3840 124 4 topic topic NN security-googleblog-com-3840 124 5 are be VBP security-googleblog-com-3840 124 6 starting start VBG security-googleblog-com-3840 124 7 to to TO security-googleblog-com-3840 124 8 take take VB security-googleblog-com-3840 124 9 place place NN security-googleblog-com-3840 124 10 in in IN security-googleblog-com-3840 124 11 the the DT security-googleblog-com-3840 124 12 OpenSSF OpenSSF NNS security-googleblog-com-3840 124 13 ’s ’s NNP security-googleblog-com-3840 124 14 Digital Digital NNP security-googleblog-com-3840 124 15 Identity Identity NNP security-googleblog-com-3840 124 16 Attestation Attestation NNP security-googleblog-com-3840 124 17 Working Working NNP security-googleblog-com-3840 124 18 Group Group NNP security-googleblog-com-3840 124 19 . . . security-googleblog-com-3840 125 1 Goal goal NN security-googleblog-com-3840 125 2 : : : security-googleblog-com-3840 125 3 Notification notification NN security-googleblog-com-3840 125 4 for for IN security-googleblog-com-3840 125 5 Changes change NNS security-googleblog-com-3840 125 6 in in IN security-googleblog-com-3840 125 7 Risk Risk NNP security-googleblog-com-3840 125 8 We -PRON- PRP security-googleblog-com-3840 125 9 should should MD security-googleblog-com-3840 125 10 extend extend VB security-googleblog-com-3840 125 11 notifications notification NNS security-googleblog-com-3840 125 12 to to TO security-googleblog-com-3840 125 13 cover cover VB security-googleblog-com-3840 125 14 changes change NNS security-googleblog-com-3840 125 15 in in IN security-googleblog-com-3840 125 16 risk risk NN security-googleblog-com-3840 125 17 . . . security-googleblog-com-3840 126 1 The the DT security-googleblog-com-3840 126 2 most most RBS security-googleblog-com-3840 126 3 obvious obvious JJ security-googleblog-com-3840 126 4 is be VBZ security-googleblog-com-3840 126 5 ownership ownership NN security-googleblog-com-3840 126 6 changes change NNS security-googleblog-com-3840 126 7 , , , security-googleblog-com-3840 126 8 which which WDT security-googleblog-com-3840 126 9 can can MD security-googleblog-com-3840 126 10 be be VB security-googleblog-com-3840 126 11 a a DT security-googleblog-com-3840 126 12 prelude prelude NN security-googleblog-com-3840 126 13 to to IN security-googleblog-com-3840 126 14 new new JJ security-googleblog-com-3840 126 15 attacks attack NNS security-googleblog-com-3840 126 16 ( ( -LRB- security-googleblog-com-3840 126 17 such such JJ security-googleblog-com-3840 126 18 as as IN security-googleblog-com-3840 126 19 the the DT security-googleblog-com-3840 126 20 recent recent JJ security-googleblog-com-3840 126 21 NPM NPM NNP security-googleblog-com-3840 126 22 event event NN security-googleblog-com-3840 126 23 - - HYPH security-googleblog-com-3840 126 24 stream stream NN security-googleblog-com-3840 126 25 compromise compromise NN security-googleblog-com-3840 126 26 ) ) -RRB- security-googleblog-com-3840 126 27 . . . security-googleblog-com-3840 127 1 Other other JJ security-googleblog-com-3840 127 2 examples example NNS security-googleblog-com-3840 127 3 include include VBP security-googleblog-com-3840 127 4 discovery discovery NN security-googleblog-com-3840 127 5 of of IN security-googleblog-com-3840 127 6 stolen steal VBN security-googleblog-com-3840 127 7 credentials credential NNS security-googleblog-com-3840 127 8 , , , security-googleblog-com-3840 127 9 collusion collusion NN security-googleblog-com-3840 127 10 , , , security-googleblog-com-3840 127 11 or or CC security-googleblog-com-3840 127 12 other other JJ security-googleblog-com-3840 127 13 bad bad JJ security-googleblog-com-3840 127 14 actor actor NN security-googleblog-com-3840 127 15 behavior behavior NN security-googleblog-com-3840 127 16 . . . security-googleblog-com-3840 128 1 Goal goal NN security-googleblog-com-3840 128 2 : : : security-googleblog-com-3840 128 3 Transparency transparency NN security-googleblog-com-3840 128 4 for for IN security-googleblog-com-3840 128 5 Artifacts artifact NNS security-googleblog-com-3840 128 6 It -PRON- PRP security-googleblog-com-3840 128 7 is be VBZ security-googleblog-com-3840 128 8 common common JJ security-googleblog-com-3840 128 9 to to TO security-googleblog-com-3840 128 10 use use VB security-googleblog-com-3840 128 11 secure secure JJ security-googleblog-com-3840 128 12 hashes hash NNS security-googleblog-com-3840 128 13 to to TO security-googleblog-com-3840 128 14 detect detect VB security-googleblog-com-3840 128 15 if if IN security-googleblog-com-3840 128 16 an an DT security-googleblog-com-3840 128 17 artifact artifact NN security-googleblog-com-3840 128 18 has have VBZ security-googleblog-com-3840 128 19 arrived arrive VBN security-googleblog-com-3840 128 20 intact intact JJ security-googleblog-com-3840 128 21 , , , security-googleblog-com-3840 128 22 and and CC security-googleblog-com-3840 128 23 digital digital JJ security-googleblog-com-3840 128 24 signatures signature NNS security-googleblog-com-3840 128 25 to to TO security-googleblog-com-3840 128 26 prove prove VB security-googleblog-com-3840 128 27 authenticity authenticity NN security-googleblog-com-3840 128 28 . . . security-googleblog-com-3840 129 1 Adding add VBG security-googleblog-com-3840 129 2 “ " `` security-googleblog-com-3840 129 3 transparency transparency NN security-googleblog-com-3840 129 4 ” " '' security-googleblog-com-3840 129 5 means mean VBZ security-googleblog-com-3840 129 6 that that IN security-googleblog-com-3840 129 7 these these DT security-googleblog-com-3840 129 8 attestations attestation NNS security-googleblog-com-3840 129 9 are be VBP security-googleblog-com-3840 129 10 logged log VBN security-googleblog-com-3840 129 11 publicly publicly RB security-googleblog-com-3840 129 12 and and CC security-googleblog-com-3840 129 13 thus thus RB security-googleblog-com-3840 129 14 document document NN security-googleblog-com-3840 129 15 what what WP security-googleblog-com-3840 129 16 was be VBD security-googleblog-com-3840 129 17 intended intend VBN security-googleblog-com-3840 129 18 . . . security-googleblog-com-3840 130 1 In in IN security-googleblog-com-3840 130 2 turn turn NN security-googleblog-com-3840 130 3 , , , security-googleblog-com-3840 130 4 external external JJ security-googleblog-com-3840 130 5 parties party NNS security-googleblog-com-3840 130 6 can can MD security-googleblog-com-3840 130 7 monitor monitor VB security-googleblog-com-3840 130 8 the the DT security-googleblog-com-3840 130 9 logs log NNS security-googleblog-com-3840 130 10 for for IN security-googleblog-com-3840 130 11 fake fake JJ security-googleblog-com-3840 130 12 versions version NNS security-googleblog-com-3840 130 13 even even RB security-googleblog-com-3840 130 14 if if IN security-googleblog-com-3840 130 15 users user NNS security-googleblog-com-3840 130 16 are be VBP security-googleblog-com-3840 130 17 unaware unaware JJ security-googleblog-com-3840 130 18 . . . security-googleblog-com-3840 131 1 Going go VBG security-googleblog-com-3840 131 2 a a DT security-googleblog-com-3840 131 3 step step NN security-googleblog-com-3840 131 4 further far RBR security-googleblog-com-3840 131 5 , , , security-googleblog-com-3840 131 6 when when WRB security-googleblog-com-3840 131 7 credentials credential NNS security-googleblog-com-3840 131 8 are be VBP security-googleblog-com-3840 131 9 stolen steal VBN security-googleblog-com-3840 131 10 , , , security-googleblog-com-3840 131 11 we -PRON- PRP security-googleblog-com-3840 131 12 can can MD security-googleblog-com-3840 131 13 know know VB security-googleblog-com-3840 131 14 what what WP security-googleblog-com-3840 131 15 artifacts artifact NNS security-googleblog-com-3840 131 16 were be VBD security-googleblog-com-3840 131 17 signed sign VBN security-googleblog-com-3840 131 18 using use VBG security-googleblog-com-3840 131 19 those those DT security-googleblog-com-3840 131 20 credentials credential NNS security-googleblog-com-3840 131 21 and and CC security-googleblog-com-3840 131 22 work work NN security-googleblog-com-3840 131 23 to to TO security-googleblog-com-3840 131 24 remove remove VB security-googleblog-com-3840 131 25 them -PRON- PRP security-googleblog-com-3840 131 26 . . . security-googleblog-com-3840 132 1 This this DT security-googleblog-com-3840 132 2 kind kind NN security-googleblog-com-3840 132 3 of of IN security-googleblog-com-3840 132 4 transparency transparency NN security-googleblog-com-3840 132 5 , , , security-googleblog-com-3840 132 6 including include VBG security-googleblog-com-3840 132 7 the the DT security-googleblog-com-3840 132 8 durable durable JJ security-googleblog-com-3840 132 9 public public JJ security-googleblog-com-3840 132 10 logs log NNS security-googleblog-com-3840 132 11 and and CC security-googleblog-com-3840 132 12 the the DT security-googleblog-com-3840 132 13 third third JJ security-googleblog-com-3840 132 14 - - HYPH security-googleblog-com-3840 132 15 party party NN security-googleblog-com-3840 132 16 monitoring monitoring NN security-googleblog-com-3840 132 17 , , , security-googleblog-com-3840 132 18 has have VBZ security-googleblog-com-3840 132 19 been be VBN security-googleblog-com-3840 132 20 used use VBN security-googleblog-com-3840 132 21 to to IN security-googleblog-com-3840 132 22 great great JJ security-googleblog-com-3840 132 23 success success NN security-googleblog-com-3840 132 24 for for IN security-googleblog-com-3840 132 25 SSL SSL NNP security-googleblog-com-3840 132 26 certificates certificate NNS security-googleblog-com-3840 132 27 , , , security-googleblog-com-3840 132 28 and and CC security-googleblog-com-3840 132 29 we -PRON- PRP security-googleblog-com-3840 132 30 have have VBP security-googleblog-com-3840 132 31 proposed propose VBN security-googleblog-com-3840 132 32 one one CD security-googleblog-com-3840 132 33 way way NN security-googleblog-com-3840 132 34 to to TO security-googleblog-com-3840 132 35 do do VB security-googleblog-com-3840 132 36 this this DT security-googleblog-com-3840 132 37 for for IN security-googleblog-com-3840 132 38 package package NN security-googleblog-com-3840 132 39 managers manager NNS security-googleblog-com-3840 132 40 . . . security-googleblog-com-3840 133 1 Knowing know VBG security-googleblog-com-3840 133 2 you -PRON- PRP security-googleblog-com-3840 133 3 have have VBP security-googleblog-com-3840 133 4 the the DT security-googleblog-com-3840 133 5 right right JJ security-googleblog-com-3840 133 6 package package NN security-googleblog-com-3840 133 7 or or CC security-googleblog-com-3840 133 8 binary binary NN security-googleblog-com-3840 133 9 is be VBZ security-googleblog-com-3840 133 10 similar similar JJ security-googleblog-com-3840 133 11 to to IN security-googleblog-com-3840 133 12 knowing know VBG security-googleblog-com-3840 133 13 you -PRON- PRP security-googleblog-com-3840 133 14 are be VBP security-googleblog-com-3840 133 15 visiting visit VBG security-googleblog-com-3840 133 16 the the DT security-googleblog-com-3840 133 17 real real JJ security-googleblog-com-3840 133 18 version version NN security-googleblog-com-3840 133 19 of of IN security-googleblog-com-3840 133 20 a a DT security-googleblog-com-3840 133 21 web web NN security-googleblog-com-3840 133 22 site site NN security-googleblog-com-3840 133 23 . . . security-googleblog-com-3840 134 1 Goal goal NN security-googleblog-com-3840 134 2 : : : security-googleblog-com-3840 134 3 Trust trust VB security-googleblog-com-3840 134 4 the the DT security-googleblog-com-3840 134 5 Build build NN security-googleblog-com-3840 134 6 Process process NN security-googleblog-com-3840 134 7 Ken Ken NNP security-googleblog-com-3840 134 8 Thompson Thompson NNP security-googleblog-com-3840 134 9 's 's POS security-googleblog-com-3840 134 10 Turing Turing NNP security-googleblog-com-3840 134 11 Award Award NNP security-googleblog-com-3840 134 12 lecture lecture NN security-googleblog-com-3840 134 13 famously famously RB security-googleblog-com-3840 134 14 demonstrated demonstrate VBD security-googleblog-com-3840 134 15 in in IN security-googleblog-com-3840 134 16 1984 1984 CD security-googleblog-com-3840 134 17 that that IN security-googleblog-com-3840 134 18 authentic authentic JJ security-googleblog-com-3840 134 19 source source NN security-googleblog-com-3840 134 20 code code NN security-googleblog-com-3840 134 21 alone alone RB security-googleblog-com-3840 134 22 is be VBZ security-googleblog-com-3840 134 23 not not RB security-googleblog-com-3840 134 24 enough enough JJ security-googleblog-com-3840 134 25 , , , security-googleblog-com-3840 134 26 and and CC security-googleblog-com-3840 134 27 recent recent JJ security-googleblog-com-3840 134 28 events event NNS security-googleblog-com-3840 134 29 have have VBP security-googleblog-com-3840 134 30 shown show VBN security-googleblog-com-3840 134 31 this this DT security-googleblog-com-3840 134 32 attack attack NN security-googleblog-com-3840 134 33 is be VBZ security-googleblog-com-3840 134 34 a a DT security-googleblog-com-3840 134 35 real real JJ security-googleblog-com-3840 134 36 threat threat NN security-googleblog-com-3840 134 37 . . . security-googleblog-com-3840 135 1 How how WRB security-googleblog-com-3840 135 2 do do VBP security-googleblog-com-3840 135 3 you -PRON- PRP security-googleblog-com-3840 135 4 trust trust VB security-googleblog-com-3840 135 5 your -PRON- PRP$ security-googleblog-com-3840 135 6 build build NN security-googleblog-com-3840 135 7 system system NN security-googleblog-com-3840 135 8 ? ? . security-googleblog-com-3840 136 1 All all PDT security-googleblog-com-3840 136 2 the the DT security-googleblog-com-3840 136 3 components component NNS security-googleblog-com-3840 136 4 of of IN security-googleblog-com-3840 136 5 it -PRON- PRP security-googleblog-com-3840 136 6 must must MD security-googleblog-com-3840 136 7 be be VB security-googleblog-com-3840 136 8 trusted trust VBN security-googleblog-com-3840 136 9 and and CC security-googleblog-com-3840 136 10 verified verify VBN security-googleblog-com-3840 136 11 through through IN security-googleblog-com-3840 136 12 a a DT security-googleblog-com-3840 136 13 continuous continuous JJ security-googleblog-com-3840 136 14 process process NN security-googleblog-com-3840 136 15 of of IN security-googleblog-com-3840 136 16 building build VBG security-googleblog-com-3840 136 17 trust trust NN security-googleblog-com-3840 136 18 . . . security-googleblog-com-3840 137 1 Reproducible Reproducible NNP security-googleblog-com-3840 137 2 builds build VBZ security-googleblog-com-3840 137 3 help help NN security-googleblog-com-3840 137 4 — — : security-googleblog-com-3840 137 5 there there EX security-googleblog-com-3840 137 6 is be VBZ security-googleblog-com-3840 137 7 a a DT security-googleblog-com-3840 137 8 deterministic deterministic JJ security-googleblog-com-3840 137 9 outcome outcome NN security-googleblog-com-3840 137 10 for for IN security-googleblog-com-3840 137 11 the the DT security-googleblog-com-3840 137 12 build build NN security-googleblog-com-3840 137 13 and and CC security-googleblog-com-3840 137 14 we -PRON- PRP security-googleblog-com-3840 137 15 can can MD security-googleblog-com-3840 137 16 thus thus RB security-googleblog-com-3840 137 17 verify verify VB security-googleblog-com-3840 137 18 that that IN security-googleblog-com-3840 137 19 we -PRON- PRP security-googleblog-com-3840 137 20 got get VBD security-googleblog-com-3840 137 21 it -PRON- PRP security-googleblog-com-3840 137 22 right right JJ security-googleblog-com-3840 137 23 — — : security-googleblog-com-3840 137 24 but but CC security-googleblog-com-3840 137 25 are be VBP security-googleblog-com-3840 137 26 harder hard JJR security-googleblog-com-3840 137 27 to to TO security-googleblog-com-3840 137 28 achieve achieve VB security-googleblog-com-3840 137 29 due due IN security-googleblog-com-3840 137 30 to to IN security-googleblog-com-3840 137 31 ephemeral ephemeral JJ security-googleblog-com-3840 137 32 data datum NNS security-googleblog-com-3840 137 33 ( ( -LRB- security-googleblog-com-3840 137 34 such such JJ security-googleblog-com-3840 137 35 as as IN security-googleblog-com-3840 137 36 timestamps timestamp NNS security-googleblog-com-3840 137 37 ) ) -RRB- security-googleblog-com-3840 137 38 ending end VBG security-googleblog-com-3840 137 39 up up RP security-googleblog-com-3840 137 40 in in IN security-googleblog-com-3840 137 41 the the DT security-googleblog-com-3840 137 42 release release NN security-googleblog-com-3840 137 43 artifact artifact NN security-googleblog-com-3840 137 44 . . . security-googleblog-com-3840 138 1 And and CC security-googleblog-com-3840 138 2 safe safe JJ security-googleblog-com-3840 138 3 reproducible reproducible NN security-googleblog-com-3840 138 4 builds build VBZ security-googleblog-com-3840 138 5 require require VBP security-googleblog-com-3840 138 6 verification verification NN security-googleblog-com-3840 138 7 tools tool NNS security-googleblog-com-3840 138 8 , , , security-googleblog-com-3840 138 9 which which WDT security-googleblog-com-3840 138 10 in in IN security-googleblog-com-3840 138 11 turn turn NN security-googleblog-com-3840 138 12 must must MD security-googleblog-com-3840 138 13 be be VB security-googleblog-com-3840 138 14 built build VBN security-googleblog-com-3840 138 15 verifiably verifiably RB security-googleblog-com-3840 138 16 and and CC security-googleblog-com-3840 138 17 reproducibly reproducibly RB security-googleblog-com-3840 138 18 , , , security-googleblog-com-3840 138 19 and and CC security-googleblog-com-3840 138 20 so so RB security-googleblog-com-3840 138 21 on on RB security-googleblog-com-3840 138 22 . . . security-googleblog-com-3840 139 1 We -PRON- PRP security-googleblog-com-3840 139 2 must must MD security-googleblog-com-3840 139 3 construct construct VB security-googleblog-com-3840 139 4 a a DT security-googleblog-com-3840 139 5 network network NN security-googleblog-com-3840 139 6 of of IN security-googleblog-com-3840 139 7 trusted trust VBN security-googleblog-com-3840 139 8 tools tool NNS security-googleblog-com-3840 139 9 and and CC security-googleblog-com-3840 139 10 build build VB security-googleblog-com-3840 139 11 products product NNS security-googleblog-com-3840 139 12 . . . security-googleblog-com-3840 140 1 Trust trust VB security-googleblog-com-3840 140 2 in in IN security-googleblog-com-3840 140 3 both both CC security-googleblog-com-3840 140 4 the the DT security-googleblog-com-3840 140 5 artifacts artifact NNS security-googleblog-com-3840 140 6 and and CC security-googleblog-com-3840 140 7 the the DT security-googleblog-com-3840 140 8 tools tool NNS security-googleblog-com-3840 140 9 can can MD security-googleblog-com-3840 140 10 be be VB security-googleblog-com-3840 140 11 established establish VBN security-googleblog-com-3840 140 12 via via IN security-googleblog-com-3840 140 13 “ " `` security-googleblog-com-3840 140 14 delegation delegation NN security-googleblog-com-3840 140 15 ” " '' security-googleblog-com-3840 140 16 , , , security-googleblog-com-3840 140 17 through through IN security-googleblog-com-3840 140 18 a a DT security-googleblog-com-3840 140 19 variant variant NN security-googleblog-com-3840 140 20 of of IN security-googleblog-com-3840 140 21 the the DT security-googleblog-com-3840 140 22 transparency transparency NN security-googleblog-com-3840 140 23 process process NN security-googleblog-com-3840 140 24 described describe VBN security-googleblog-com-3840 140 25 above above IN security-googleblog-com-3840 140 26 called call VBN security-googleblog-com-3840 140 27 binary binary JJ security-googleblog-com-3840 140 28 authorization authorization NN security-googleblog-com-3840 140 29 . . . security-googleblog-com-3840 141 1 Internally internally RB security-googleblog-com-3840 141 2 , , , security-googleblog-com-3840 141 3 the the DT security-googleblog-com-3840 141 4 Google Google NNP security-googleblog-com-3840 141 5 build build NN security-googleblog-com-3840 141 6 system system NN security-googleblog-com-3840 141 7 signs sign NNS security-googleblog-com-3840 141 8 all all DT security-googleblog-com-3840 141 9 artifacts artifact NNS security-googleblog-com-3840 141 10 and and CC security-googleblog-com-3840 141 11 produces produce VBZ security-googleblog-com-3840 141 12 a a DT security-googleblog-com-3840 141 13 manifest manifest NN security-googleblog-com-3840 141 14 that that WDT security-googleblog-com-3840 141 15 ties tie VBZ security-googleblog-com-3840 141 16 it -PRON- PRP security-googleblog-com-3840 141 17 to to IN security-googleblog-com-3840 141 18 the the DT security-googleblog-com-3840 141 19 source source NN security-googleblog-com-3840 141 20 code code NN security-googleblog-com-3840 141 21 . . . security-googleblog-com-3840 142 1 For for IN security-googleblog-com-3840 142 2 open open JJ security-googleblog-com-3840 142 3 source source NN security-googleblog-com-3840 142 4 , , , security-googleblog-com-3840 142 5 one one CD security-googleblog-com-3840 142 6 or or CC security-googleblog-com-3840 142 7 more more JJR security-googleblog-com-3840 142 8 trusted trusted JJ security-googleblog-com-3840 142 9 agents agent NNS security-googleblog-com-3840 142 10 could could MD security-googleblog-com-3840 142 11 run run VB security-googleblog-com-3840 142 12 the the DT security-googleblog-com-3840 142 13 build build NN security-googleblog-com-3840 142 14 as as IN security-googleblog-com-3840 142 15 a a DT security-googleblog-com-3840 142 16 service service NN security-googleblog-com-3840 142 17 , , , security-googleblog-com-3840 142 18 signing sign VBG security-googleblog-com-3840 142 19 the the DT security-googleblog-com-3840 142 20 artifact artifact NN security-googleblog-com-3840 142 21 to to TO security-googleblog-com-3840 142 22 prove prove VB security-googleblog-com-3840 142 23 that that IN security-googleblog-com-3840 142 24 they -PRON- PRP security-googleblog-com-3840 142 25 are be VBP security-googleblog-com-3840 142 26 accountable accountable JJ security-googleblog-com-3840 142 27 for for IN security-googleblog-com-3840 142 28 its -PRON- PRP$ security-googleblog-com-3840 142 29 integrity integrity NN security-googleblog-com-3840 142 30 . . . security-googleblog-com-3840 143 1 This this DT security-googleblog-com-3840 143 2 kind kind NN security-googleblog-com-3840 143 3 of of IN security-googleblog-com-3840 143 4 ecosystem ecosystem NN security-googleblog-com-3840 143 5 should should MD security-googleblog-com-3840 143 6 exist exist VB security-googleblog-com-3840 143 7 and and CC security-googleblog-com-3840 143 8 mostly mostly RB security-googleblog-com-3840 143 9 needs need VBZ security-googleblog-com-3840 143 10 awareness awareness NN security-googleblog-com-3840 143 11 and and CC security-googleblog-com-3840 143 12 some some DT security-googleblog-com-3840 143 13 agreements agreement NNS security-googleblog-com-3840 143 14 on on IN security-googleblog-com-3840 143 15 the the DT security-googleblog-com-3840 143 16 format format NN security-googleblog-com-3840 143 17 of of IN security-googleblog-com-3840 143 18 attestations attestation NNS security-googleblog-com-3840 143 19 , , , security-googleblog-com-3840 143 20 so so IN security-googleblog-com-3840 143 21 that that IN security-googleblog-com-3840 143 22 we -PRON- PRP security-googleblog-com-3840 143 23 can can MD security-googleblog-com-3840 143 24 automate automate VB security-googleblog-com-3840 143 25 the the DT security-googleblog-com-3840 143 26 processes process NNS security-googleblog-com-3840 143 27 securely securely RB security-googleblog-com-3840 143 28 . . . security-googleblog-com-3840 144 1 The the DT security-googleblog-com-3840 144 2 actions action NNS security-googleblog-com-3840 144 3 in in IN security-googleblog-com-3840 144 4 this this DT security-googleblog-com-3840 144 5 section section NN security-googleblog-com-3840 144 6 are be VBP security-googleblog-com-3840 144 7 great great JJ security-googleblog-com-3840 144 8 for for IN security-googleblog-com-3840 144 9 software software NN security-googleblog-com-3840 144 10 in in IN security-googleblog-com-3840 144 11 general general JJ security-googleblog-com-3840 144 12 , , , security-googleblog-com-3840 144 13 and and CC security-googleblog-com-3840 144 14 are be VBP security-googleblog-com-3840 144 15 essentially essentially RB security-googleblog-com-3840 144 16 in in IN security-googleblog-com-3840 144 17 use use NN security-googleblog-com-3840 144 18 today today NN security-googleblog-com-3840 144 19 within within IN security-googleblog-com-3840 144 20 Google Google NNP security-googleblog-com-3840 144 21 , , , security-googleblog-com-3840 144 22 but but CC security-googleblog-com-3840 144 23 they -PRON- PRP security-googleblog-com-3840 144 24 are be VBP security-googleblog-com-3840 144 25 heavier heavy JJR security-googleblog-com-3840 144 26 weight weight NN security-googleblog-com-3840 144 27 than than IN security-googleblog-com-3840 144 28 usual usual JJ security-googleblog-com-3840 144 29 for for IN security-googleblog-com-3840 144 30 open open JJ security-googleblog-com-3840 144 31 source source NN security-googleblog-com-3840 144 32 . . . security-googleblog-com-3840 145 1 Our -PRON- PRP$ security-googleblog-com-3840 145 2 hope hope NN security-googleblog-com-3840 145 3 is be VBZ security-googleblog-com-3840 145 4 that that IN security-googleblog-com-3840 145 5 by by IN security-googleblog-com-3840 145 6 focusing focus VBG security-googleblog-com-3840 145 7 on on IN security-googleblog-com-3840 145 8 the the DT security-googleblog-com-3840 145 9 subset subset NN security-googleblog-com-3840 145 10 of of IN security-googleblog-com-3840 145 11 software software NN security-googleblog-com-3840 145 12 that that WDT security-googleblog-com-3840 145 13 is be VBZ security-googleblog-com-3840 145 14 critical critical JJ security-googleblog-com-3840 145 15 , , , security-googleblog-com-3840 145 16 we -PRON- PRP security-googleblog-com-3840 145 17 can can MD security-googleblog-com-3840 145 18 achieve achieve VB security-googleblog-com-3840 145 19 these these DT security-googleblog-com-3840 145 20 goals goal NNS security-googleblog-com-3840 145 21 at at IN security-googleblog-com-3840 145 22 least least JJS security-googleblog-com-3840 145 23 for for IN security-googleblog-com-3840 145 24 that that DT security-googleblog-com-3840 145 25 set set NN security-googleblog-com-3840 145 26 . . . security-googleblog-com-3840 146 1 As as IN security-googleblog-com-3840 146 2 the the DT security-googleblog-com-3840 146 3 tooling tooling NN security-googleblog-com-3840 146 4 and and CC security-googleblog-com-3840 146 5 automation automation NN security-googleblog-com-3840 146 6 get get VBP security-googleblog-com-3840 146 7 better well JJR security-googleblog-com-3840 146 8 , , , security-googleblog-com-3840 146 9 these these DT security-googleblog-com-3840 146 10 goals goal NNS security-googleblog-com-3840 146 11 will will MD security-googleblog-com-3840 146 12 become become VB security-googleblog-com-3840 146 13 easier easy JJR security-googleblog-com-3840 146 14 to to TO security-googleblog-com-3840 146 15 adopt adopt VB security-googleblog-com-3840 146 16 more more RBR security-googleblog-com-3840 146 17 widely widely RB security-googleblog-com-3840 146 18 . . . security-googleblog-com-3840 147 1 Summary summary VB security-googleblog-com-3840 147 2 The the DT security-googleblog-com-3840 147 3 nature nature NN security-googleblog-com-3840 147 4 of of IN security-googleblog-com-3840 147 5 open open JJ security-googleblog-com-3840 147 6 source source NN security-googleblog-com-3840 147 7 requires require VBZ security-googleblog-com-3840 147 8 that that IN security-googleblog-com-3840 147 9 we -PRON- PRP security-googleblog-com-3840 147 10 solve solve VBP security-googleblog-com-3840 147 11 problems problem NNS security-googleblog-com-3840 147 12 through through IN security-googleblog-com-3840 147 13 consensus consensus NN security-googleblog-com-3840 147 14 and and CC security-googleblog-com-3840 147 15 collaboration collaboration NN security-googleblog-com-3840 147 16 . . . security-googleblog-com-3840 148 1 For for IN security-googleblog-com-3840 148 2 complex complex JJ security-googleblog-com-3840 148 3 topics topic NNS security-googleblog-com-3840 148 4 such such JJ security-googleblog-com-3840 148 5 as as IN security-googleblog-com-3840 148 6 vulnerabilities vulnerability NNS security-googleblog-com-3840 148 7 , , , security-googleblog-com-3840 148 8 this this DT security-googleblog-com-3840 148 9 implies imply VBZ security-googleblog-com-3840 148 10 focused focus VBD security-googleblog-com-3840 148 11 discussion discussion NN security-googleblog-com-3840 148 12 around around IN security-googleblog-com-3840 148 13 the the DT security-googleblog-com-3840 148 14 key key JJ security-googleblog-com-3840 148 15 issues issue NNS security-googleblog-com-3840 148 16 . . . security-googleblog-com-3840 149 1 We -PRON- PRP security-googleblog-com-3840 149 2 presented present VBD security-googleblog-com-3840 149 3 one one CD security-googleblog-com-3840 149 4 way way NN security-googleblog-com-3840 149 5 to to TO security-googleblog-com-3840 149 6 frame frame VB security-googleblog-com-3840 149 7 this this DT security-googleblog-com-3840 149 8 discussion discussion NN security-googleblog-com-3840 149 9 , , , security-googleblog-com-3840 149 10 and and CC security-googleblog-com-3840 149 11 defined define VBD security-googleblog-com-3840 149 12 a a DT security-googleblog-com-3840 149 13 set set NN security-googleblog-com-3840 149 14 of of IN security-googleblog-com-3840 149 15 goals goal NNS security-googleblog-com-3840 149 16 that that WDT security-googleblog-com-3840 149 17 we -PRON- PRP security-googleblog-com-3840 149 18 hope hope VBP security-googleblog-com-3840 149 19 will will MD security-googleblog-com-3840 149 20 accelerate accelerate VB security-googleblog-com-3840 149 21 industry industry NN security-googleblog-com-3840 149 22 - - HYPH security-googleblog-com-3840 149 23 wide wide JJ security-googleblog-com-3840 149 24 discourse discourse NN security-googleblog-com-3840 149 25 and and CC security-googleblog-com-3840 149 26 the the DT security-googleblog-com-3840 149 27 ultimate ultimate JJ security-googleblog-com-3840 149 28 solutions solution NNS security-googleblog-com-3840 149 29 . . . security-googleblog-com-3840 150 1 The the DT security-googleblog-com-3840 150 2 first first JJ security-googleblog-com-3840 150 3 set set NN security-googleblog-com-3840 150 4 of of IN security-googleblog-com-3840 150 5 goals goal NNS security-googleblog-com-3840 150 6 apply apply VBP security-googleblog-com-3840 150 7 broadly broadly RB security-googleblog-com-3840 150 8 to to IN security-googleblog-com-3840 150 9 vulnerabilities vulnerability NNS security-googleblog-com-3840 150 10 and and CC security-googleblog-com-3840 150 11 are be VBP security-googleblog-com-3840 150 12 really really RB security-googleblog-com-3840 150 13 about about IN security-googleblog-com-3840 150 14 enabling enable VBG security-googleblog-com-3840 150 15 automation automation NN security-googleblog-com-3840 150 16 and and CC security-googleblog-com-3840 150 17 reducing reduce VBG security-googleblog-com-3840 150 18 risk risk NN security-googleblog-com-3840 150 19 and and CC security-googleblog-com-3840 150 20 toil toil NN security-googleblog-com-3840 150 21 . . . security-googleblog-com-3840 151 1 However however RB security-googleblog-com-3840 151 2 , , , security-googleblog-com-3840 151 3 these these DT security-googleblog-com-3840 151 4 goals goal NNS security-googleblog-com-3840 151 5 are be VBP security-googleblog-com-3840 151 6 not not RB security-googleblog-com-3840 151 7 enough enough RB security-googleblog-com-3840 151 8 in in IN security-googleblog-com-3840 151 9 the the DT security-googleblog-com-3840 151 10 presence presence NN security-googleblog-com-3840 151 11 of of IN security-googleblog-com-3840 151 12 adversaries adversary NNS security-googleblog-com-3840 151 13 or or CC security-googleblog-com-3840 151 14 to to TO security-googleblog-com-3840 151 15 prevent prevent VB security-googleblog-com-3840 151 16 “ " `` security-googleblog-com-3840 151 17 supply supply NN security-googleblog-com-3840 151 18 chain chain NN security-googleblog-com-3840 151 19 ” " '' security-googleblog-com-3840 151 20 attacks attack NNS security-googleblog-com-3840 151 21 . . . security-googleblog-com-3840 152 1 Thus thus RB security-googleblog-com-3840 152 2 we -PRON- PRP security-googleblog-com-3840 152 3 propose propose VBP security-googleblog-com-3840 152 4 a a DT security-googleblog-com-3840 152 5 second second JJ security-googleblog-com-3840 152 6 set set NN security-googleblog-com-3840 152 7 of of IN security-googleblog-com-3840 152 8 goals goal NNS security-googleblog-com-3840 152 9 for for IN security-googleblog-com-3840 152 10 critical critical JJ security-googleblog-com-3840 152 11 software software NN security-googleblog-com-3840 152 12 . . . security-googleblog-com-3840 153 1 The the DT security-googleblog-com-3840 153 2 second second JJ security-googleblog-com-3840 153 3 set set NN security-googleblog-com-3840 153 4 is be VBZ security-googleblog-com-3840 153 5 more more RBR security-googleblog-com-3840 153 6 onerous onerous JJ security-googleblog-com-3840 153 7 and and CC security-googleblog-com-3840 153 8 therefore therefore RB security-googleblog-com-3840 153 9 will will MD security-googleblog-com-3840 153 10 meet meet VB security-googleblog-com-3840 153 11 some some DT security-googleblog-com-3840 153 12 resistance resistance NN security-googleblog-com-3840 153 13 , , , security-googleblog-com-3840 153 14 but but CC security-googleblog-com-3840 153 15 we -PRON- PRP security-googleblog-com-3840 153 16 believe believe VBP security-googleblog-com-3840 153 17 the the DT security-googleblog-com-3840 153 18 extra extra JJ security-googleblog-com-3840 153 19 constraints constraint NNS security-googleblog-com-3840 153 20 are be VBP security-googleblog-com-3840 153 21 fundamental fundamental JJ security-googleblog-com-3840 153 22 for for IN security-googleblog-com-3840 153 23 security security NN security-googleblog-com-3840 153 24 . . . security-googleblog-com-3840 154 1 The the DT security-googleblog-com-3840 154 2 intention intention NN security-googleblog-com-3840 154 3 is be VBZ security-googleblog-com-3840 154 4 to to TO security-googleblog-com-3840 154 5 define define VB security-googleblog-com-3840 154 6 collectively collectively RB security-googleblog-com-3840 154 7 the the DT security-googleblog-com-3840 154 8 set set NN security-googleblog-com-3840 154 9 of of IN security-googleblog-com-3840 154 10 “ " `` security-googleblog-com-3840 154 11 critical critical JJ security-googleblog-com-3840 154 12 ” " '' security-googleblog-com-3840 154 13 software software NN security-googleblog-com-3840 154 14 packages package NNS security-googleblog-com-3840 154 15 , , , security-googleblog-com-3840 154 16 and and CC security-googleblog-com-3840 154 17 apply apply VB security-googleblog-com-3840 154 18 these these DT security-googleblog-com-3840 154 19 higher high JJR security-googleblog-com-3840 154 20 standards standard NNS security-googleblog-com-3840 154 21 only only RB security-googleblog-com-3840 154 22 to to IN security-googleblog-com-3840 154 23 this this DT security-googleblog-com-3840 154 24 set set NN security-googleblog-com-3840 154 25 . . . security-googleblog-com-3840 155 1 Although although IN security-googleblog-com-3840 155 2 we -PRON- PRP security-googleblog-com-3840 155 3 have have VBP security-googleblog-com-3840 155 4 various various JJ security-googleblog-com-3840 155 5 opinions opinion NNS security-googleblog-com-3840 155 6 on on IN security-googleblog-com-3840 155 7 how how WRB security-googleblog-com-3840 155 8 to to TO security-googleblog-com-3840 155 9 meet meet VB security-googleblog-com-3840 155 10 both both DT security-googleblog-com-3840 155 11 sets set NNS security-googleblog-com-3840 155 12 of of IN security-googleblog-com-3840 155 13 goals goal NNS security-googleblog-com-3840 155 14 , , , security-googleblog-com-3840 155 15 we -PRON- PRP security-googleblog-com-3840 155 16 are be VBP security-googleblog-com-3840 155 17 but but CC security-googleblog-com-3840 155 18 one one CD security-googleblog-com-3840 155 19 voice voice NN security-googleblog-com-3840 155 20 in in IN security-googleblog-com-3840 155 21 a a DT security-googleblog-com-3840 155 22 space space NN security-googleblog-com-3840 155 23 where where WRB security-googleblog-com-3840 155 24 consensus consensus NN security-googleblog-com-3840 155 25 and and CC security-googleblog-com-3840 155 26 sustainable sustainable JJ security-googleblog-com-3840 155 27 solutions solution NNS security-googleblog-com-3840 155 28 matter matter VBP security-googleblog-com-3840 155 29 most most JJS security-googleblog-com-3840 155 30 of of IN security-googleblog-com-3840 155 31 all all DT security-googleblog-com-3840 155 32 . . . security-googleblog-com-3840 156 1 We -PRON- PRP security-googleblog-com-3840 156 2 look look VBP security-googleblog-com-3840 156 3 forward forward RB security-googleblog-com-3840 156 4 to to IN security-googleblog-com-3840 156 5 this this DT security-googleblog-com-3840 156 6 discussion discussion NN security-googleblog-com-3840 156 7 , , , security-googleblog-com-3840 156 8 to to IN security-googleblog-com-3840 156 9 promoting promote VBG security-googleblog-com-3840 156 10 the the DT security-googleblog-com-3840 156 11 best good JJS security-googleblog-com-3840 156 12 ideas idea NNS security-googleblog-com-3840 156 13 , , , security-googleblog-com-3840 156 14 and and CC security-googleblog-com-3840 156 15 eventually eventually RB security-googleblog-com-3840 156 16 to to IN security-googleblog-com-3840 156 17 solutions solution NNS security-googleblog-com-3840 156 18 that that IN security-googleblog-com-3840 156 19 both both DT security-googleblog-com-3840 156 20 strengthen strengthen VB security-googleblog-com-3840 156 21 and and CC security-googleblog-com-3840 156 22 streamline streamline VB security-googleblog-com-3840 156 23 the the DT security-googleblog-com-3840 156 24 security security NN security-googleblog-com-3840 156 25 of of IN security-googleblog-com-3840 156 26 open open JJ security-googleblog-com-3840 156 27 source source NN security-googleblog-com-3840 156 28 that that WDT security-googleblog-com-3840 156 29 we -PRON- PRP security-googleblog-com-3840 156 30 all all DT security-googleblog-com-3840 156 31 depend depend VBP security-googleblog-com-3840 156 32 on on IN security-googleblog-com-3840 156 33 . . . security-googleblog-com-3840 157 1 Notes Notes NNP security-googleblog-com-3840 157 2 Ideally ideally RB security-googleblog-com-3840 157 3 , , , security-googleblog-com-3840 157 4 depended depend VBN security-googleblog-com-3840 157 5 - - HYPH security-googleblog-com-3840 157 6 upon upon RP security-googleblog-com-3840 157 7 versions version NNS security-googleblog-com-3840 157 8 should should MD security-googleblog-com-3840 157 9 be be VB security-googleblog-com-3840 157 10 stable stable JJ security-googleblog-com-3840 157 11 absent absent JJ security-googleblog-com-3840 157 12 an an DT security-googleblog-com-3840 157 13 explicit explicit JJ security-googleblog-com-3840 157 14 upgrade upgrade NN security-googleblog-com-3840 157 15 , , , security-googleblog-com-3840 157 16 but but CC security-googleblog-com-3840 157 17 behavior behavior NN security-googleblog-com-3840 157 18 varies vary VBZ security-googleblog-com-3840 157 19 depending depend VBG security-googleblog-com-3840 157 20 on on IN security-googleblog-com-3840 157 21 the the DT security-googleblog-com-3840 157 22 packaging packaging NN security-googleblog-com-3840 157 23 system system NN security-googleblog-com-3840 157 24 . . . security-googleblog-com-3840 158 1 Two two CD security-googleblog-com-3840 158 2 that that DT security-googleblog-com-3840 158 3 aim aim VBP security-googleblog-com-3840 158 4 for for IN security-googleblog-com-3840 158 5 stability stability NN security-googleblog-com-3840 158 6 rather rather RB security-googleblog-com-3840 158 7 than than IN security-googleblog-com-3840 158 8 fast fast JJ security-googleblog-com-3840 158 9 upgrades upgrade NNS security-googleblog-com-3840 158 10 are be VBP security-googleblog-com-3840 158 11 Go Go NNP security-googleblog-com-3840 158 12 Modules Modules NNP security-googleblog-com-3840 158 13 and and CC security-googleblog-com-3840 158 14 NuGet NuGet NNP security-googleblog-com-3840 158 15 , , , security-googleblog-com-3840 158 16 both both DT security-googleblog-com-3840 158 17 of of IN security-googleblog-com-3840 158 18 which which WDT security-googleblog-com-3840 158 19 by by IN security-googleblog-com-3840 158 20 default default NN security-googleblog-com-3840 158 21 install install NN security-googleblog-com-3840 158 22 upgrades upgrade NNS security-googleblog-com-3840 158 23 only only RB security-googleblog-com-3840 158 24 when when WRB security-googleblog-com-3840 158 25 the the DT security-googleblog-com-3840 158 26 requirements requirement NNS security-googleblog-com-3840 158 27 are be VBP security-googleblog-com-3840 158 28 updated update VBN security-googleblog-com-3840 158 29 ; ; : security-googleblog-com-3840 158 30 the the DT security-googleblog-com-3840 158 31 dependencies dependency NNS security-googleblog-com-3840 158 32 might may MD security-googleblog-com-3840 158 33 be be VB security-googleblog-com-3840 158 34 wrong wrong JJ security-googleblog-com-3840 158 35 , , , security-googleblog-com-3840 158 36 but but CC security-googleblog-com-3840 158 37 they -PRON- PRP security-googleblog-com-3840 158 38 only only RB security-googleblog-com-3840 158 39 change change VBP security-googleblog-com-3840 158 40 with with IN security-googleblog-com-3840 158 41 explicit explicit JJ security-googleblog-com-3840 158 42 updates update NNS security-googleblog-com-3840 158 43 . . . security-googleblog-com-3840 159 1 ↩ ↩ NNP security-googleblog-com-3840 159 2 Google Google NNP security-googleblog-com-3840 159 3 No no DT security-googleblog-com-3840 159 4 comments comment NNS security-googleblog-com-3840 159 5 : : : security-googleblog-com-3840 159 6 Post post VB security-googleblog-com-3840 159 7 a a DT security-googleblog-com-3840 159 8 Comment Comment NNP security-googleblog-com-3840 159 9   NN security-googleblog-com-3840 159 10   NN security-googleblog-com-3840 159 11   NNP security-googleblog-com-3840 159 12 Labels Labels NNPS security-googleblog-com-3840 159 13   NNP security-googleblog-com-3840 159 14 android android NNP security-googleblog-com-3840 159 15 android android NNP security-googleblog-com-3840 159 16 security security NNP security-googleblog-com-3840 159 17 android android NNP security-googleblog-com-3840 159 18 tr tr NNP security-googleblog-com-3840 159 19 app app NNP security-googleblog-com-3840 159 20 security security NNP security-googleblog-com-3840 159 21 big big NNP security-googleblog-com-3840 159 22 data datum NNS security-googleblog-com-3840 159 23 biometrics biometric NNS security-googleblog-com-3840 159 24 blackhat blackhat WDT security-googleblog-com-3840 159 25 chrome chrome VBP security-googleblog-com-3840 159 26 chrome chrome NNP security-googleblog-com-3840 159 27 security security NN security-googleblog-com-3840 159 28 federated federate VBD security-googleblog-com-3840 159 29 learning learn VBG security-googleblog-com-3840 159 30 Gboard Gboard NNP security-googleblog-com-3840 159 31 google google NNP security-googleblog-com-3840 159 32 play play VBP security-googleblog-com-3840 159 33 google google NNP security-googleblog-com-3840 159 34 play play VBP security-googleblog-com-3840 159 35 protect protect NNP security-googleblog-com-3840 159 36 pha pha NNP security-googleblog-com-3840 159 37 family family NN security-googleblog-com-3840 159 38 highlights highlight VBZ security-googleblog-com-3840 159 39 privacy privacy NN security-googleblog-com-3840 159 40 Security Security NNP security-googleblog-com-3840 159 41 spyware spyware NN security-googleblog-com-3840 159 42 targeted target VBD security-googleblog-com-3840 159 43 spyware spyware NN security-googleblog-com-3840 159 44 vulnerabilities vulnerability NNS security-googleblog-com-3840 159 45   NNP security-googleblog-com-3840 159 46 Archive archive JJ security-googleblog-com-3840 159 47   : security-googleblog-com-3840 159 48   NN security-googleblog-com-3840 159 49   NNP security-googleblog-com-3840 159 50     _SP security-googleblog-com-3840 159 51 2021 2021 CD security-googleblog-com-3840 159 52 Feb Feb NNP security-googleblog-com-3840 159 53 Jan Jan NNP security-googleblog-com-3840 159 54   NN security-googleblog-com-3840 159 55   NN security-googleblog-com-3840 159 56     _SP security-googleblog-com-3840 159 57 2020 2020 CD security-googleblog-com-3840 159 58 Dec Dec NNP security-googleblog-com-3840 159 59 Nov Nov NNP security-googleblog-com-3840 159 60 Oct Oct NNP security-googleblog-com-3840 159 61 Sep Sep NNP security-googleblog-com-3840 159 62 Aug Aug NNP security-googleblog-com-3840 159 63 Jul Jul NNP security-googleblog-com-3840 159 64 Jun Jun NNP security-googleblog-com-3840 159 65 May May NNP security-googleblog-com-3840 159 66 Apr Apr NNP security-googleblog-com-3840 159 67 Mar Mar NNP security-googleblog-com-3840 159 68 Feb Feb NNP security-googleblog-com-3840 159 69 Jan Jan NNP security-googleblog-com-3840 159 70   NN security-googleblog-com-3840 159 71   NNP security-googleblog-com-3840 159 72     _SP security-googleblog-com-3840 159 73 2019 2019 CD security-googleblog-com-3840 159 74 Dec Dec NNP security-googleblog-com-3840 159 75 Nov Nov NNP security-googleblog-com-3840 159 76 Oct Oct NNP security-googleblog-com-3840 159 77 Sep Sep NNP security-googleblog-com-3840 159 78 Aug Aug NNP security-googleblog-com-3840 159 79 Jul Jul NNP security-googleblog-com-3840 159 80 Jun Jun NNP security-googleblog-com-3840 159 81 May May NNP security-googleblog-com-3840 159 82 Apr Apr NNP security-googleblog-com-3840 159 83 Mar Mar NNP security-googleblog-com-3840 159 84 Feb Feb NNP security-googleblog-com-3840 159 85 Jan Jan NNP security-googleblog-com-3840 159 86   NN security-googleblog-com-3840 159 87   NNP security-googleblog-com-3840 159 88     _SP security-googleblog-com-3840 159 89 2018 2018 CD security-googleblog-com-3840 159 90 Dec Dec NNP security-googleblog-com-3840 159 91 Nov Nov NNP security-googleblog-com-3840 159 92 Oct Oct NNP security-googleblog-com-3840 159 93 Sep Sep NNP security-googleblog-com-3840 159 94 Aug Aug NNP security-googleblog-com-3840 159 95 Jul Jul NNP security-googleblog-com-3840 159 96 Jun Jun NNP security-googleblog-com-3840 159 97 May May NNP security-googleblog-com-3840 159 98 Apr Apr NNP security-googleblog-com-3840 159 99 Mar Mar NNP security-googleblog-com-3840 159 100 Feb Feb NNP security-googleblog-com-3840 159 101 Jan Jan NNP security-googleblog-com-3840 159 102   NN security-googleblog-com-3840 159 103   NNP security-googleblog-com-3840 159 104     _SP security-googleblog-com-3840 159 105 2017 2017 CD security-googleblog-com-3840 159 106 Dec Dec NNP security-googleblog-com-3840 159 107 Nov Nov NNP security-googleblog-com-3840 159 108 Oct Oct NNP security-googleblog-com-3840 159 109 Sep Sep NNP security-googleblog-com-3840 159 110 Jul Jul NNP security-googleblog-com-3840 159 111 Jun Jun NNP security-googleblog-com-3840 159 112 May May NNP security-googleblog-com-3840 159 113 Apr Apr NNP security-googleblog-com-3840 159 114 Mar Mar NNP security-googleblog-com-3840 159 115 Feb Feb NNP security-googleblog-com-3840 159 116 Jan Jan NNP security-googleblog-com-3840 159 117   NN security-googleblog-com-3840 159 118   NNP security-googleblog-com-3840 159 119     _SP security-googleblog-com-3840 159 120 2016 2016 CD security-googleblog-com-3840 159 121 Dec Dec NNP security-googleblog-com-3840 159 122 Nov Nov NNP security-googleblog-com-3840 159 123 Oct Oct NNP security-googleblog-com-3840 159 124 Sep Sep NNP security-googleblog-com-3840 159 125 Aug Aug NNP security-googleblog-com-3840 159 126 Jul Jul NNP security-googleblog-com-3840 159 127 Jun Jun NNP security-googleblog-com-3840 159 128 May May NNP security-googleblog-com-3840 159 129 Apr Apr NNP security-googleblog-com-3840 159 130 Mar Mar NNP security-googleblog-com-3840 159 131 Feb Feb NNP security-googleblog-com-3840 159 132 Jan Jan NNP security-googleblog-com-3840 159 133   NN security-googleblog-com-3840 159 134   NNP security-googleblog-com-3840 159 135     _SP security-googleblog-com-3840 159 136 2015 2015 CD security-googleblog-com-3840 159 137 Dec Dec NNP security-googleblog-com-3840 159 138 Nov Nov NNP security-googleblog-com-3840 159 139 Oct Oct NNP security-googleblog-com-3840 159 140 Sep Sep NNP security-googleblog-com-3840 159 141 Aug Aug NNP security-googleblog-com-3840 159 142 Jul Jul NNP security-googleblog-com-3840 159 143 Jun Jun NNP security-googleblog-com-3840 159 144 May May NNP security-googleblog-com-3840 159 145 Apr Apr NNP security-googleblog-com-3840 159 146 Mar Mar NNP security-googleblog-com-3840 159 147 Feb Feb NNP security-googleblog-com-3840 159 148 Jan Jan NNP security-googleblog-com-3840 159 149   NN security-googleblog-com-3840 159 150   NNP security-googleblog-com-3840 159 151     _SP security-googleblog-com-3840 159 152 2014 2014 CD security-googleblog-com-3840 159 153 Dec Dec NNP security-googleblog-com-3840 159 154 Nov Nov NNP security-googleblog-com-3840 159 155 Oct Oct NNP security-googleblog-com-3840 159 156 Sep Sep NNP security-googleblog-com-3840 159 157 Aug Aug NNP security-googleblog-com-3840 159 158 Jul Jul NNP security-googleblog-com-3840 159 159 Jun Jun NNP security-googleblog-com-3840 159 160 Apr Apr NNP security-googleblog-com-3840 159 161 Mar Mar NNP security-googleblog-com-3840 159 162 Feb Feb NNP security-googleblog-com-3840 159 163 Jan Jan NNP security-googleblog-com-3840 159 164   NN security-googleblog-com-3840 159 165   NNP security-googleblog-com-3840 159 166     _SP security-googleblog-com-3840 159 167 2013 2013 CD security-googleblog-com-3840 159 168 Dec Dec NNP security-googleblog-com-3840 159 169 Nov Nov NNP security-googleblog-com-3840 159 170 Oct Oct NNP security-googleblog-com-3840 159 171 Aug Aug NNP security-googleblog-com-3840 159 172 Jun Jun NNP security-googleblog-com-3840 159 173 May May NNP security-googleblog-com-3840 159 174 Apr Apr NNP security-googleblog-com-3840 159 175 Mar Mar NNP security-googleblog-com-3840 159 176 Feb Feb NNP security-googleblog-com-3840 159 177 Jan Jan NNP security-googleblog-com-3840 159 178   NN security-googleblog-com-3840 159 179   NNP security-googleblog-com-3840 159 180     _SP security-googleblog-com-3840 159 181 2012 2012 CD security-googleblog-com-3840 159 182 Dec Dec NNP security-googleblog-com-3840 159 183 Sep Sep NNP security-googleblog-com-3840 159 184 Aug Aug NNP security-googleblog-com-3840 159 185 Jun Jun NNP security-googleblog-com-3840 159 186 May May NNP security-googleblog-com-3840 159 187 Apr Apr NNP security-googleblog-com-3840 159 188 Mar Mar NNP security-googleblog-com-3840 159 189 Feb Feb NNP security-googleblog-com-3840 159 190 Jan Jan NNP security-googleblog-com-3840 159 191   NN security-googleblog-com-3840 159 192   NNP security-googleblog-com-3840 159 193     _SP security-googleblog-com-3840 159 194 2011 2011 CD security-googleblog-com-3840 159 195 Dec Dec NNP security-googleblog-com-3840 159 196 Nov Nov NNP security-googleblog-com-3840 159 197 Oct Oct NNP security-googleblog-com-3840 159 198 Sep Sep NNP security-googleblog-com-3840 159 199 Aug Aug NNP security-googleblog-com-3840 159 200 Jul Jul NNP security-googleblog-com-3840 159 201 Jun Jun NNP security-googleblog-com-3840 159 202 May May NNP security-googleblog-com-3840 159 203 Apr Apr NNP security-googleblog-com-3840 159 204 Mar Mar NNP security-googleblog-com-3840 159 205 Feb Feb NNP security-googleblog-com-3840 159 206   NN security-googleblog-com-3840 159 207   NNP security-googleblog-com-3840 159 208     _SP security-googleblog-com-3840 159 209 2010 2010 CD security-googleblog-com-3840 159 210 Nov Nov NNP security-googleblog-com-3840 159 211 Oct Oct NNP security-googleblog-com-3840 159 212 Sep Sep NNP security-googleblog-com-3840 159 213 Aug Aug NNP security-googleblog-com-3840 159 214 Jul Jul NNP security-googleblog-com-3840 159 215 May May NNP security-googleblog-com-3840 159 216 Apr Apr NNP security-googleblog-com-3840 159 217 Mar Mar NNP security-googleblog-com-3840 159 218   NN security-googleblog-com-3840 159 219   NNP security-googleblog-com-3840 159 220     _SP security-googleblog-com-3840 159 221 2009 2009 CD security-googleblog-com-3840 159 222 Nov Nov NNP security-googleblog-com-3840 159 223 Oct Oct NNP security-googleblog-com-3840 159 224 Aug Aug NNP security-googleblog-com-3840 159 225 Jul Jul NNP security-googleblog-com-3840 159 226 Jun Jun NNP security-googleblog-com-3840 159 227 Mar Mar NNP security-googleblog-com-3840 159 228   NN security-googleblog-com-3840 159 229   NNP security-googleblog-com-3840 159 230     _SP security-googleblog-com-3840 159 231 2008 2008 CD security-googleblog-com-3840 159 232 Dec Dec NNP security-googleblog-com-3840 159 233 Nov Nov NNP security-googleblog-com-3840 159 234 Oct Oct NNP security-googleblog-com-3840 159 235 Aug Aug NNP security-googleblog-com-3840 159 236 Jul Jul NNP security-googleblog-com-3840 159 237 May May NNP security-googleblog-com-3840 159 238 Feb Feb NNP security-googleblog-com-3840 159 239   NN security-googleblog-com-3840 159 240   NNP security-googleblog-com-3840 159 241     _SP security-googleblog-com-3840 159 242 2007 2007 CD security-googleblog-com-3840 159 243 Nov Nov NNP security-googleblog-com-3840 159 244 Oct Oct NNP security-googleblog-com-3840 159 245 Sep Sep NNP security-googleblog-com-3840 159 246 Jul Jul NNP security-googleblog-com-3840 159 247 Jun Jun NNP security-googleblog-com-3840 159 248 May May MD security-googleblog-com-3840 159 249 Feed Feed NNP security-googleblog-com-3840 159 250 Follow follow VB security-googleblog-com-3840 159 251 @google @google . security-googleblog-com-3840 159 252 Follow follow VB security-googleblog-com-3840 159 253 Give give VB security-googleblog-com-3840 159 254 us -PRON- PRP security-googleblog-com-3840 159 255 feedback feedback NN security-googleblog-com-3840 159 256 in in IN security-googleblog-com-3840 159 257 our -PRON- PRP$ security-googleblog-com-3840 159 258 Product Product NNP security-googleblog-com-3840 159 259 Forums Forums NNPS security-googleblog-com-3840 159 260 . . . security-googleblog-com-3840 160 1 Google Google NNP security-googleblog-com-3840 160 2 Privacy Privacy NNP security-googleblog-com-3840 160 3 Terms term NNS