Software Integrity

Archive for the 'Open Source Security' Category

Big temperature drop in Hades as Microsoft buys GitHub

The big news for open source last week was Microsoft’s announced purchase of GitHub. A major win for open source? The beginning of the end? Read Software Integrity Insight to see both sides of the coin, as well as the rest of the cyber security and open source security news that made headlines this week! […]

Posted in Application Security, Open Source Security

Microsoft acquires GitHub, Election Insecurity, and Ticketfly data breach

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? GitHub acquired by Microsoft, election insecurity persists, and the Ticketfly data breach. Microsoft has snapped up […]

Posted in Application Security, Black Duck by Synopsys, Open Source Security, Weekly Security Mashup

North Korea hacking, JScript RCE, World Cup a cyberthreat target?

Software Integrity Insight is your resource on the cyber security and open source security news that made headlines this week, including news on North Korea hacking, the remote code execution vulnerability exposed in JScript, and how the World Cup 2018 might be a ripe target for cybercrime. Read on! The Cybersecurity 202: North Korea is […]

Posted in Application Security, DevOps, Open Source Licenses, Open Source Security

Open source security risk on the rise owing to unpatched software

A slight change of pace for this week’s issue of Software Integrity Insight, as we focus on the release of the 2018 Open Source Security and Risk Analysis, which analyzes the audit results of over 1,100 commercial codebases from over 500 organizations and examines the open source security and licensing news of 2017. We think […]

Posted in Application Security, Open Source Licenses, Open Source Security

Open source security report, Serious XSS vulnerabilities, and ICS attack vectors

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. 41% of cyber-security apps contain high-risk open source vulnerabilities via Davey Winder, author – SC Magazine – The 2018 Open Source Security and Risk Analysis Report – the latest in a series of annual […]

Posted in Application Security, Open Source Security, Vendor Risk Management, Weekly Security Mashup

Infographic: Highlights from the 2018 Open Source Security and Risk Analysis Report

Posted in Open Source Security

Open source report exposes management gaps after turbulent 2017

2017 was a tumultuous year in the world of open source software. A massive data breach at Equifax exposed millions of U.S., U.K., and Canadian residents’ sensitive personal and financial information and gained widespread media attention. As open source software becomes embedded in our everyday lives, not only through our phones and computers but through […]

Posted in Featured, Open Source Licenses, Open Source Security

NIST report on container security, GitLab Developer Report, VW and Audi remote hacks

Software Integrity Insight is your resource on the cyber security and open source security news that made the headlines! 8 takeaways from NIST’s application container security guide via Synopsys Software Integrity: Chances are, hackers are aware of the growing popularity of containers as well, says technical evangelist Tim Mackey. Which is why we compiled eight takeaways […]

Posted in Automotive Security, Containers, Open Source Security

RSA news, Israel shifts to open source, latest on TaskRabbit breach

RSA happened last week, and a ton of news—some gloomy, some encouraging—has come from the world’s largest cyber security conference. The Israeli government follows Great Britain, the U.S., and France and moves to open source. TaskRabbit pledges “more security” after a data breach, and nine things you can expect to have an impact on cyber […]

Posted in Application Security, Data Breach, DevOps, Open Source Security, Security Conference or Event

Data breaches, SirenJack, and serverless apps vulns

It’s nearly an all-Tim Mackey issue of Software Integrity Insight as our technical evangelist weighs in on data breaches, container adoption, GitHub, and open source serverless applications. Other stories in this week’s software integrity news include the SirenJack vulnerability, a security vulnerability potentially putting warning sirens across the city of San Francisco at risk, and […]

Posted in Application Security, Containers, Data Breach, Internet of Things, Open Source Security