All "Community" posts
OSS-Fuzz is Google’s awesome fuzzing service for open source projects. GitHub Security Lab’s @kevinbackhouse describes enrolling a project.
The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base.
When you’re fixing a bug, especially a security vulnerability, you should add a regression test, fix the bug, and find & fix variants.
This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project.
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program: @yvvdwf
It’s that time of year again where I like to share seasonally spooktacular games plus source code—a goldmine of material for (a) those looking for coffee-break entertainment, (b) those interested in learning more about game