The way we build software has changed forever. The way we secure it must change, too. Instead of creating applications from scratch, today's developers start with open-source components and then copy, extend, and glue them together. It’s faster, it’s cheaper, and it means that open-source libraries and frameworks now make up the vast majority of the source code used by companies today. This change is not lost on hackers. For them, reusable code equals reusable vulnerabilities. We at SourceClear help you secure your open-source code from hackers by creating a real-time inventory of your open-source components. We show you where they came from, who created them, and exactly what they are doing in their applications. We detail vulnerabilities that could be used by hackers to compromise applications and customer data and provide clear guidance on fixes. Our data-science and machine learning platform digs into the depths of open-source vulnerabilities at scale and at speed, uncovering issues not yet disclosed to the public. We take care of security for open-source code so that you can focus on your business: shipping features and delighting users.
- Triaging of the newest vulnerabilities released
- Creating product signatures and identifying root cause of vulnerabilities
- Tracking library release notes and security bulletins
- Develop tools to identify new vulnerabilities
- Other activities that involve security research about software vulnerabilities
- BS/MS degree in Computer Science, Computer Engineering, or a related field; or, relevant work experience (freshers are welcome to apply)
- Attention to detail and highly organized style of working
- High energy individual with a can-do attitude
- Experience programming in either Java, Ruby or Javascript
- Preferable if the candidate has knowledge of build and package management systems such as Maven, RubyGems and NPM
- Preferable if the candidate has knowledge of software security vulnerability types and common attack methods
- Singaporean Citizen or PR
from http://www.startupjobs.asia
No comments:
Post a Comment