
Stay Ahead With Linux Security News


Explore Latest Linux Security news


Maximize Open-Source Security in Linux Using WhiteSource Solutions

When it comes to modern applications, did you know that up to 80% of code is made up of open-source components? There are several reasons why open-source software is utilized, including its cost-effective nature, reliability, and the freedom to access, modify, and distribute source code. Yet, the nature of open-source components means security efforts can be overlooked. After all, developers usually take components which are readily available and implement them within their own projects. This saves considerable time, since they gain useful features without having to write their own code. It also means exploits can exist – and these can be easily missed when working on applications.

There are plenty of examples where an organization has been devastated by lackadaisical open-source security. The most infamous was back in September 2017. Equifax, the international credit reporting agency, suffered a hack on an unprecedented scale. The open-source component known as Apache Struts2 featured an exploit, and this was all it took for attackers to make off with the personal data of at least 143 million people. As a result, it is essential your organization doesn’t just detect vulnerabilities in open-source code, but also rectifies any issues before they cause damage. This is where WhiteSource can take center stage for your Linux projects.

Open-source security: the challenges

Open-source security relies on a community-based approach. SAST and other technology for application security testing are beneficial for proprietary code, but it’s a different story with Open Source. The community is very much a resource for identifying and fixing vulnerabilities found within code. However, even though the open-source community is capable of devising fixes for vulnerabilities, there’s one point to remember: Open Source isn’t controlled by one authority. It is a decentralized operation. This means information about vulnerabilities and fixes is spread across various resources, which ultimately makes it impossible for organizations to match these to their own applications.

What is WhiteSource?

So how can a corporation keep its open-source inventory secure? To avoid a potential ticking time bomb due to vulnerable components, one of the best solutions on the market is WhiteSource. In essence, WhiteSource allows you to automatically check every open-source component found within your applications. By doing this, you can stay secure from vulnerabilities while also enforcing all license policies during the development lifecycle of your software. Along with staying secure from hackers, it also results in faster, smoother, and more affordable development. The following points will go through the steps the WhiteSource platform takes to keep software safe, and why 1.3 million developers use it for their projects.

Detecting vulnerabilities

As mentioned already, even with community feedback, it’s difficult to know which of your open-source components feature any vulnerabilities. WhiteSource can rectify that issue – and go beyond any manual application checks. The platform detects any vulnerability in an application, including those found in your transitive dependencies, and does this across 200+ programming languages. Along with this comprehensive database, WhiteSource cuts out those resource-eating false positives. Plus, the platform’s patented Effective Usage Analysis tool ensures your development team can prioritize the vulnerabilities that truly need resolving.

Vulnerability remediation

When a vulnerability has been detected, it’s essential that it is corrected as soon as possible. When the community issue trackers list a vulnerability, hackers are quick to react in an effort to exploit the security flaw. Because remediation requires the cooperation of your developers and security teams, a swift fix for vulnerabilities is not always possible – especially if they’re working on code they didn’t write themselves. With WhiteSource, however, you can accurately pinpoint any vulnerable functionality found within your code. It also maps out how your application is using the vulnerability. With these insights, you can significantly reduce your remediation efforts. WhiteSource adds further convenience by suggesting fixes for any vulnerability. Whether this is a configuration change to the system blocking a certain function or a link to the latest patches, the platform lists all known remedies. WhiteSource also automates the process for every new issue discovered.

Continuous monitoring

When you factor in the sheer size of the open-source community in terms of data and combine this with its decentralized nature, it is practically impossible to manage every facet of open-source security manually. This is why an automated solution like WhiteSource is so vital for the process. When it comes to monitoring, it is vital to combine shift right and shift left testing. The “shift right” methodology is particularly imperative as open-source project vulnerabilities are usually found years after the release of the vulnerable version. The good news: WhiteSource keeps automatic track of the latest deployed version of a component. As for “shift left”, this approach allows developers to spot vulnerable components prior to them even being downloaded from the Internet. WhiteSource’s browser extension, Web Advisor, ensures developers can pick the most suitable component right from the start. WhiteSource also enables you to automatically enforce quality, security, and license compliance policies throughout the software development life cycle. By automating this aspect, you can save considerable time and resources compared to manually reviewing new components.

Jan 25, 2021 | LinuxSecurity.com Team | Security Projects

Citadel Security: Upgraded Tools for Network Vulnerability Management

A pair of vulnerability-assessment and remediation tool vendors are separately upgrading their products so that customers can more easily prioritize which networked systems need to be fixed.

Citadel Security Software Inc. says Version 3.5 of its Hercules desktop and server software includes new technology called AssetGuard that helps companies determine what needs fixing by examining vulnerability-assessment data collected from assorted scanners against an inventory of applications running on the network. Based on written policies, fixes can be prioritized. Hercules 3.5 aggregates data from scanners such as those from eEye Digital Security Inc., Foundstone Inc. and Internet Security Systems Inc. Other enhancements include the ability to query Hercules' management console for information about what types of computers with specific vulnerabilities are running on a sub-net and then schedule remediation efforts.

The link for this article located at ComputerWorld is no longer available.

Oct 07, 2004 | Anthony Pell | Network Security
