Application Security August 21, 2017 Three Practical Tips That Empower Developers and Prevent Open Source Security Risks From Entering Your Code 4 min read - There are many benefits to developing software using open source code, but these components can also introduce vulnerabilities into your code.
July 20, 2017 New Devil’s Ivy Vulnerability Causing Rash of IoT Risks 2 min read - A new open source vulnerability called Devil's Ivy could enable attackers to hijack security camera feeds and block legitimate users from accessing data.
Application Security June 28, 2017 In Case You Missed the Memo: What’s New in IBM’s Application Security Testing? 2 min read - New enhancements to IBM's application security testing solutions enable clients to simplify SAST, remediate open source vulnerabilities and more.
June 1, 2017 Circling Back: FreeRADIUS Fix Cuts Off Authenticaton Bypass 2 min read - The open source FreeRADIUS project recently patched a vulnerability that allowed malicious actors to bypass session authentication.
Application Security May 4, 2017 Taming the Open Source Beast With an Effective Application Security Testing Program 4 min read - Application security testing is the only way to prevent open source vulnerabilities from becoming a huge problem in the enterprise.
April 3, 2017 Malware Attack Targets Open Source Developers 2 min read - A recent phishing campaign targeted GitHub developers with Dimnie malware, which enables fraudsters to alter open source code packages.
March 7, 2017 Widespread Bug Bounty Program Could Help Harden Open Source Security 2 min read - As part of HackerOne's effort to improve open source security, the vulnerability disclosure firm made its bug bounty program available for free.
March 7, 2017 Wireshark Squashes Bugs With New Network Protocol Analyzer Update 2 min read - The Wireshark development team addressed dozens of vulnerabilities, segmentation flaws and bugs with the latest version of its network protocol analyzer.
February 28, 2017 End-to-End Email Encryption: Google Pushes Latest Project to Open Source 2 min read - Google just pushed its email encryption project, E2EMail, to open source. What does this mean for the development of corporate email security?
January 18, 2017 Attacks on Embedded Open Source Code Could Rise by 20 Percent This Year 2 min read - Researchers from Black Duck Software expect the rate of attacks against known vulnerabilities in open source code to increase by 20 percent in 2017.