CVE Vulnerabilities: All You Ever Wanted to Know About

What is the CVE? The Common Vulnerabilities and Exposures glossary (CVE) is a security project focused on publicly released software, funded by the US Division of Homeland Security and maintained by the MITRE Corporation. The CVE glossary uses Security Content Automation Protocol (SCAP) to collect information about security vulnerabilities and ... Read More
3 GitHub Security Updates You Should Know

Developers don’t agree on much, but they sure do love GitHub. It is their first stop when looking for a bit of code to solve a problem and a great place to collaborate with other developers on public repos, improving the code for all to use. As the amount of ... Read More
How the Heartbleed Vulnerability Shaped OpenSSL as We Know It

Few are the bugs that truly make it into mainstream notoriety. Whether having to do with its unabashedly dramatic name and logo or with little relation, the Heartbleed vulnerability is one flaw that has become a household name. Made public in April 2014, the Heartbleed vulnerability (formally designated CVE-2014-0160) was ... Read More
Apache Struts Vulnerabilities Burden Us With a ‘Stay or Go’ Deliberation

There’s never a dull moment with Apache Struts. Aside from ongoing remote code execution vulnerabilities which seem to be announced on an ongoing basis, every year, by recent count, a high-profile vulnerability is publicized that sparks the age-old debate anew: should I continue using Apache Struts or should I migrate ... Read More
Creating Your Open Source Policy Template: 3 Points You Don't Want to Overlook

The vast majority of enterprise level companies employ some level of open source policy in their organizations. Their purpose is to create company-wide guidelines for the use of open source components. However, there’s a fine line between theory and practice and more often than not these open source policy templates ... Read More
Equifax Breach Year in Review: Vulnerabilities in Apache Struts Still Going Strong

You would think it hard to believe, but the vulnerable version of the popular open source framework that cost 147.9 Americans their personally identifiable information (PII) in the Equifax breach last fall, is still going unrepaired by most companies using the vulnerable versions of Struts. Despite the Apache Foundation issuing ... Read More
Are DevOps and DevSecOps Headed in Opposite Directions?

There used to be a time when software development liked divisions of labor. Siloed thinking and solitary departments working as stand-alone units ruled the scene and there was no talk of collaboration or teamwork. Long gone are those days. In today’s agile development marketplace, cross-disciplinary development requiring the active involvement ... Read More
The 8 Startup Due Diligence Dos

Due diligence for a startup is something of a contradiction in terms if you think about it. It’s a process that aims to give the technical, legal and financial grounds upon which a startup can gain investor support. Yet the process of getting a startup due diligence portfolio up and ... Read More
Best Practices for Open Source Governance

Companies of all sizes and across all industries are creating software products and relying on open source code to do it. Both Forrester and Gartner, the industry’s leading research and advisory firms, claim that anywhere between 80%-90% of all commercial software developers use open source components within their applications. But ... Read More
6 Open Source Software Security Concerns Dispelled

Used by developers around the world, open source components make up 60%-80% of the codebase in modern applications. Open source components are downloaded thousands of times per day to create applications for organizations of varying sizes and across all industries. But despite the continuously growing adoption there are still myths ... Read More