open source - Tagged - Security Boulevard

Open Source: The Positives, the Risks and the Future

In a world that is constantly evaluating costs, it is little wonder that there is an increasing demand for cost-effective solutions to business problems. In the real world, this means ‘free,’ and ...

World’s first 100G Zeek sensor

By Sarah Banks, Senior Director of Product Management, Corelight. As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...

The Role of Ethics in Cybersecurity Studies

Nobody wants to be a proverbial guinea pig; least of all, developers donating their time and energy to making the world a better place. You’d think with all the recent discussion about ...

Managing Open Source Vulnerabilities

When you test your code, are you really testing all of it? It seems impossible to write software without using open-source components. A single “import package” can mean thousands of ...

Majority of Mobile App Vulnerabilities From Open Source Code

COVID-19 has impacted everything over the past year, and mobile app security is no exception. The Synopsys Cybersecurity Research Center (CyRC) took an in-depth look at application security, and discovered just how ...

Introducing “Attacker Reachability”: Reduce open-source vulnerability tickets by 90% or more.

TL;DR: ShiftLeft is announcing Intelligent SCA that uses a four-step process to prioritize vulnerabilities that matter. ShiftLeft Intelligent SCA introduces the concept of ...

Scanning for Secrets in Source Code

How to uncover leaked secrets with regex + entropy analysis. As a developer, I admit that I’ve committed secrets to public GitHub repositories before. Hardcoded secrets have always been a ...

Google to Underwrite Contributors to Linux Security

Google and the Linux Foundation announced this week they will underwrite two full-time maintainers for Linux kernel security development. Gustavo Silva is currently working full time on eliminating several classes of buffer ...

Bad Security Bug in GnuPG: C Language Blamed (Yet Again)

GnuPG has a serious vulnerability, in a library also used elsewhere: Libgcrypt 1.9.0 contains a classic programming error ...

Converting NMAP XML Files to HTML with xsltproc

NMAP is a wonderful network scanner and its ability to log scan data to files, specifically XML, helps quite a bit. This enables the scan data to be parsed by other tools ...