What is the OWASP Top 10, and – just as important – what is it not? In this review, we look at how you can make this critical risk report work for you and your organization.
Open source may be the most viable option for most companies today but it comes with its own set of problems too.
Open-source software is one of the most innovative developments of the past few decades. Open-source is code that is publicly available and editable.
While some Linux enthusiasts eagerly recommend users boot their systems with the "mitigations=off" kernel parameter for run-time disabling of various relevant CPU security mitigations for Spectre, Meltdown, L1TF, TAA, Retbleed, and friends, with the new AMD Ryzen 7000 "Zen 4" processors while still needing some software mitigations, it's surprisingly faster for the most part leaving the relevant mitigations enabled.
Linux systems are a popular delivery mechanism for malware. While they’re not the most popular – that distinction goes to HTML and Javascript – don’t think you can ignore them. Linux-based attacks are very much still happening.
As the open-source model continues to prove its sustainability in the enterprise, the software community is ramping up its security-mindedness. That concern was evident in recent weeks as leading Linux groups led the way for better code security.
Data scientists, who often choose open source packages without considering security, increasingly face concerns over the unvetted use of those components, new study shows.
Rust is eating into our systems. The first Rusted drivers are being welded into Linux, while Microsoft's Azure CTO Mark Russinovich said C/C++ – until now, the systems languages of choice – should be dropped in favor of Rust henceforth.
As IT workers continue their daunting job of protecting network users from bad guys, a few new tools might help stem the tide of vulnerabilities that continue to link open source and proprietary software.
There's been a big rise in ransomware attacks targeting Linux as cyber criminals look to expand their options and exploit an operating system that is often overlooked when businesses think about security.
Open-source software has become the foundation of the digital economy: Estimates are that it constitutes 70 to 90% of any given piece of modern software.
You may not want to continue using 32-bit Linux kernels if you want a secure experience.
Believe it or not, you might be using a deprecated Linux command. It’s not really your fault. You are either habitual of using those commands or learned them through old, obsolete tutorials on the web.
Stack Overflow released the results of its annual developer survey this week, with responses from over 70,000 developers across 180 countries. The survey highlights attitudes, tools, and environments that are shaping software today.
ShiftLeft has released some rare positive news on the AppSec front by reporting that based on millions of scans on its customers, they found a 97% reduction in open source software (OSS) vulnerabilities.
Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, but those that do exhibit better security.
With the ever-growing threat of cyberattacks, it's more important for businesses to invest in robust cybersecurity measures. However, many businesses lack the in-house expertise to manage their security operations needs effectively.
Let’s look at what data security looks like on Linux and the often-exaggerated claims that accompany it.
Linux is a coveted target. It is the host operating system for numerous application backends and servers and powers a wide variety of internet of things (IoT) devices. Still, not enough is done to protect the machines running it.
"It’s important for the industry to understand that open source development burnout is real and can have a significant impact upon those who depend on the projects they maintain. Incentivize and recognize efforts. Don’t just take, but give back to the community."
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
