The big news for open source last week was Microsoft’s announced purchase of GitHub. A major win for open source? The beginning of the end? Read Software Integrity Insight to see both sides of the coin, as well as the rest of the cyber security and open source security news that made headlines this week! […]
Posted in Application Security, Open Source Security | Comments Off on Big temperature drop in Hades as Microsoft buys GitHub
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and unsecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? GitHub acquired by Microsoft, election insecurity persists, and the Ticketfly data breach. Play this week’s episode below: Microsoft has snapped up […]
Posted in Application Security, Black Duck by Synopsys, Open Source Security, Weekly Security Mashup | Comments Off on Microsoft acquires GitHub, Election Insecurity, and Ticketfly data breach
Software Integrity Insight is your resource on the cyber security and open source security news that made headlines this week, including news on North Korea hacking, the remote code execution vulnerability exposed in JScript, and how the World Cup 2018 might be a ripe target for cybercrime. Read on! The Cybersecurity 202: North Korea is […]
Posted in Application Security, DevOps, Open Source Licenses, Open Source Security | Comments Off on North Korea hacking, JScript RCE, World Cup a cyberthreat target?
A slight change of pace for this week’s issue of Software Integrity Insight, as we focus on the release of the 2018 Open Source Security and Risk Analysis, which analyzes the audit results of over 1,100 commercial codebases from over 500 organizations and examines the open source security and licensing news of 2017. We think […]
Posted in Application Security, Open Source Licenses, Open Source Security | Comments Off on Open source security risk on the rise owing to unpatched software
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. 41% of cyber-security apps contain high-risk open source vulnerabilities via Davey Winder, author – SC Magazine – The 2018 Open Source Security and Risk Analysis Report– the latest in a series of annual […]
Posted in Application Security, Open Source Security, Vendor Risk Management, Weekly Security Mashup | Comments Off on Open source security report, Serious XSS vulnerabilities, and ICS attack vectors
Download Infographic
Posted in Open Source Security | Comments Off on Infographic: Highlights from the 2018 Open Source Security and Risk Analysis Report
2017 was a tumultuous year in the world of open source software. A massive data breach at Equifax exposed millions of U.S., U.K., and Canadian residents’ sensitive personal and financial information and gained widespread media attention. As open source software becomes embedded in our everyday lives, not only through our phones and computers but through […]
Posted in Featured, Open Source Licenses, Open Source Security | Comments Off on Open source report exposes management gaps after turbulent 2017
Software Integrity Insight is your resource on the cyber security and open source security that made the headlines! 8 takeaways from NIST’s application container security guide via Synopsys Software Integrity: Chances are, hackers are aware of the growing popularity of containers as well, says technical evangelist Tim Mackey. Which is why we compiled eight takeaways […]
Posted in Automotive Security, Containers, Open Source Security | Comments Off on NIST report on container security, GitLab Developer Report, VW and Audi remote hacks
RSA happened last week, and a ton of news—some gloomy, some encouraging—has come from the world’s largest cyber security conference. The Israeli government follows Great Britain, the U.S., and France and moves to open source. TaskRabbit pledges “more security” after a data breach, and nine things you can expect to have an impact on cyber […]
Posted in Application Security, Data Breach, DevOps, Open Source Security, Security Conference or Event | Comments Off on RSA news, Israel shifts to open source, latest on TaskRabbit breach
It’s nearly an all-Tim Mackey issue of Software Integrity Insight as our technical evangelist weighs in on data breaches, container adoption, GitHub, and open source serverless applications. Other stories in this week’s software integrity news include the SirenJack vulnerability, a security vulnerability potentially putting warning sirens across the city of San Francisco at risk, and […]
Posted in Application Security, Containers, Data Breach, Internet of Things, Open Source Security | Comments Off on Data breaches, SirenJack, and serverless apps vulns