[Rd] Security assessment
Jones, Jonathan D [US] (SP)
Jon@th@n@Jone@ @end|ng |rom ngc@com
Tue Aug 29 17:43:24 CEST 2023
Hello,
Has any consideration or work been done to document or perform vulnerability testing for the R packages? In order to bring in software to my environments, I need to research known vulnerabilities (I usually use MITRE's CVE page) and also perform local Fortify and Nessus scans to determine an NVD score. It would be a huge help to have a way to package whatever tools/libraries/etc into a adhoc package or a breakdown of an R release contents to aid in vulnerability assessments. Developers ask for specific library files and if I could map them to a package it would greatly reduce the amount of research.
Jonathan D. Jones | Cyber Lead | ISSM
Northrop Grumman Corporation | Space Systems
Red Phone 802-0825
[[alternative HTML version deleted]]
More information about the R-devel
mailing list