Securing the Software Supply Chain with Macaron: A Comprehensive Tool for Analysis and Protection

This presentation introduces the latest developments of Macaron, Oracle Labs’ open-source project for enhancing software supply chain security, with a particular focus on Python malware detection and securing build processes. As attacks targeting Python packages grow, Macaron provides an effective solution for identifying malicious packages and behaviors, ensuring the integrity of build processes. Many organizations rely on building third-party artifacts from source while building their own applications, and Macaron empowers them to do so by offering detailed insights into the entire build process.