open source security

Linux Foundation Addresses Open Source Security

The Linux Foundation announced this week it has launched yet another consortium, this time in the hopes of bringing some order to multiple previous efforts to address open source security. The Open ...
Security Boulevard

Zeek in it’s sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

By Ben Reardon, Corelight Security Researcher. Having a CVE 10 unauthenticated Remote Code Execution vulnerability on a central load balancing device? That’s bad… Not being able to detect when a threat actor ...

How to Better Navigate the World of DevSecOps with Sonatype and Saltworks Security

Recently we partnered with Orasi Software and Saltworks Security to discuss how organizations are using open source software. Saltworks’ Founder and CEO, Dennis Hurst, and Sonatype’s Maury Cupitt, VP, Solutions Architecture, sat ...

Ripple20 Zeek package open sourced

By Ben Reardon, Corelight Security Researcher. Recently, security research group JSOF released 19 vulnerabilities related to the “Treck” TCP/IP stack. This stack exists on many devices as part of the supply chain ...

How to Establish an Open Source Program Office

It feels like some people don’t have a strong understanding of open source. Some misunderstandings have come from working with open source in an environment filled with proprietary software. When the words ...
Thoughts on the state of enterprise open source

“Open source is bad since it’s full of security vulnerabilities, unmaintained dependencies and poor documentation,” said this security vendor as they began their opening speech before delving into their product that offered ...
cloud security

4 Best Practices for Securing Your Open Source Components

The post 4 Best Practices for Securing Your Open Source Components appeared first on CCSI ...
Open Source Sucks, Says Ballsy Infosec Firm

Security bugs are exploding in open source software, claims a vulnerability management service ...
Security Boulevard
Joomla Open-Source CMS Affected by Data-Breach

A data breach affecting Joomla, the popular open-source content management system (CMS), was announced by its developers from Open Source Matters. While some data breaches take place when bad actors use vulnerabilities ...
Security Compliance Reports with Scan

Security Compliance Reports with ShiftLeft Scan. This blog was originally published at https://blog.shiftleft.io. 9:00 am — Start of your day. Picture this scenario. You are a Lead DevOps at your company with programming skills. Your new ...