Stay Ahead With Linux Security News

Explore Latest Linux Security news

Linux Foundation and OpenSSF: CRA Compliance Impact on Security

As Linux security admins, staying abreast of evolving regulations is vital to ensuring the resilience and compliance of our systems. A recent initiative by the Linux Foundation Europe and OpenSSF to support implementation of the European Union Cyber Resilience Act (CRA) promises to transform how we manage security and compliance within the open-source software ecosystem by formalizing guidelines and tools that meet the stringent requirements set out by the CRA. By mandating measures like secure software design, robust vulnerability reporting, and transparent Software Bills of Materials (SBOMs), the CRA will bring a noticeable shift in our day-to-day operations towards more disciplined security practices. Let's examine this initiative and its implications for your Linux security administration and your systems' compliance with the CRA's standards and regulations.

Understanding the Cyber Resilience Act

To fully appreciate this initiative, it is necessary to understand the Cyber Resilience Act (CRA). Enforced since December 2024, this comprehensive regulation seeks to increase digital product and service security within Europe. The CRA mandates that security be integrated into software design processes from their inception, and that developers be held responsible for vulnerability reporting and management within their products. Transparent software dependency lists in the form of SBOMs are also an integral element.

As a Linux security admin, your job extends far beyond protecting the infrastructure within which your systems reside. It involves ensuring that all software running on them also complies with these new standards. This requires reassessing how software is sourced, developed, and maintained, while emphasizing proactive security measures and thorough documentation.

Enhancing Security Practices

The requirements set out by the CRA have fundamentally transformed how we approach system security. One key implication is the need to incorporate security from the onset of software design, known as "security by design." This concept ensures that security considerations do not become an afterthought but are integrated into every stage of software creation. Linux security admins must work closely with development teams to ensure security protocols are strictly followed from the outset, including regular code reviews, threat modeling, and testing of security features as part of the development process. Detecting and mitigating vulnerabilities early reduces the risk of their exploitation.

As soon as the CRA was implemented, its significance became even clearer. The upkeep of systems cannot be underestimated: regular software patches and updates to address known vulnerabilities are imperative to creating resilient infrastructure. Tools and guidelines developed under the Linux Foundation Europe/OpenSSF initiative will also play a significant role in supporting enhanced security practices.

Management of Software Bills of Materials (SBOMs)

A core requirement of the CRA is transparency in software dependencies through SBOMs. An SBOM provides a detailed listing of the components and dependencies within a piece of software, making it easier to track vulnerabilities and to demonstrate compliance with regulations such as the CRA. Linux security administrators responsible for managing SBOMs must implement tools that automatically generate and maintain these inventories, track open-source components, evaluate their security posture, and promptly respond to vulnerabilities in the software supply chain. Becoming proficient at managing SBOMs assists compliance and strengthens the software supply chain as a whole.

Compliance Tracking and Management

Ensuring compliance with CRA standards requires constant oversight of all software and devices in your infrastructure, which makes compliance tracking essential. Compliance tracking involves keeping detailed records of security measures, software updates, vulnerability management activities, and similar work that demonstrates adherence to these standards. Administrators must establish efficient methods for documenting compliance activities and being ready for audits, including clear records of patch management, vulnerability assessments, and security testing results. Tools and guidelines created through the Linux Foundation Europe and OpenSSF initiative provide invaluable resources to help administrators streamline these compliance tracking processes.

Collaboration and Community Involvement

Collaboration is at the core of open-source communities, and this initiative puts that strength to full use. The Linux Foundation Europe and OpenSSF are working with numerous stakeholders, including companies and organizations such as ARM, Ericsson, GitHub, Kusari, the OpenJS Foundation, Red Hat, and the Rust Foundation. Through such close cooperation, tools and guidelines that are comprehensive yet broadly applicable can be created.

Engaging actively with the Linux security community is vital. Subscribing to industry newsletters and tracking updates on social channels will keep you abreast of recent events and developments. Contributing to open source projects supporting this initiative also offers an invaluable opportunity to share knowledge and enhance security practices collectively.

Education and Adaptation

With cybersecurity becoming ever more dynamic, ongoing education and adaptation are critical. The initiative by Linux Foundation Europe and OpenSSF brings new tools, frameworks, and best practices that administrators must adopt. Keeping current with these resources and learning about emerging security threats is paramount to success. Furthermore, the advent of the CRA marks a growing global trend toward tighter security regulation. Administrators should adapt proactively to this shift in policy, adjusting their systems as necessary to comply with current requirements while preparing for potential security threats in the future.

Our Final Thoughts on This Security & Compliance Initiative

The partnership between Linux Foundation Europe and the Open Source Security Foundation to implement the Cyber Resilience Act marks a historic moment in Linux security administration. This initiative emphasizes the necessity of enhanced security practices, rigorous compliance tracking, and effective management of SBOMs, fundamentally altering how we approach system security. Linux security administrators can benefit by embracing these changes, actively engaging with the open source community's efforts, and adopting the tools and guidelines being developed to meet CRA requirements, ultimately increasing supply chain security. As the cybersecurity landscape transforms, staying informed, gaining new knowledge, and adapting to evolving regulations will become increasingly critical. This initiative offers an ideal way of strengthening security practices on Linux systems in response to emerging threats, providing increased resilience against them.

Tags: Cyber Resilience Act, compliance tracking, open source security, software dependencies, secure software design

Feb 10, 2025 | Brittany Day | Organizations/Events

Guardian Digital Firewall Launch: A New Era in Internet Security

Guardian Digital, Inc., a leader in open source security products, today announced the release of a new firewall product that will revolutionize internet security as we know it, forever. Guardian Digital CEO Dave Wreski explains, "Our new product works differently from most other firewalls on the market, which can possibly allow dangerous packets into protected networks. Our technical wizards realized that all virus, worm, and malware authors use dangerous 'zeroes' in their binary code, therefore our new firewall product blocks all 'zeroes' while allowing the friendly, useful 'ones' through."

Some software that needs to traverse the new firewall will need to be rewritten solely using ones in their binary code, eliminating any use of the dangerous zeroes. "We believe this is a necessary change, and the programming time required to rewrite applications to use only ones will be offset by the halving of bandwidth usage gained by dropping the extremely dangerous zeroes at the firewall," says Wreski. Other analysts note that eliminating zeroes will cut the complexity of most software in half, gaining savings in both disk space and memory usage, as well as maintainability. "Why didn't someone think of this sooner?" asks famed security analyst April Q. Phoolenstein. "I never trusted those zeroes in the first place, looking around with their beady little eyes. It's simply about time we got rid of them."

The new firewall works by creating a virtual net to filter packets through. "The ones, being skinnier, fit through the holes in the net, while the dastardly zeroes are caught and quarantined," explains Wreski. "The only user maintenance required will be to remove the hopper containing the zeroes occasionally and dispose of them in an environmentally safe manner, by flushing them down the toilet."

Tags: Guardian Digital, Firewall Product, Internet Security

Apr 01, 2005 | Brittany Day | Firewalls

Achieve High ROI With Effective Secure Development Strategies

Through fuller integration of security and development activities, the effectiveness and efficiency of security assessment will be increased and streamlined, the associated costs greatly reduced, and organisations will enjoy a greater return on security investment (ROSI). Until then, however, those organisations that are already using secure development practices early in their development cycles will be able to continue to reap greater advantages over their competition.

Thankfully, these days assessing the security of an application prior to implementation is a normal process for most organisations. Organisations accept the view that the earlier in the implementation cycle security issues are identified, the greater the return on investment (ROI). However, with such a mature attitude to implementation, it is hard to understand why organisations are not applying the same principles to the software development cycle as a whole. In fact, currently only a limited few are following best practice recommendations in regard to secure development and reaping the financial rewards that increased development controls bring.

Secure development is the process of authoring software in such a way as to embrace information security at every stage of the cycle. By addressing information security issues at the design and prototype stages, huge savings in development costs can be made. Additionally, projects can be delivered faster, and post-implementation maintenance costs can be minimised. There are a number of ways that this can be undertaken, but the most common procedures involve phased security assessments and reviews that encompass knowledge sharing; design assessment; component, system, user interface and production testing; and regular security health checks.

It has long been documented that security issues and vulnerabilities identified within applications commonly derive from development or design flaws. Although consuming between 5-15% of a project's overall budget, organisations have learnt that the savings yielded by phased security assessments far outweigh the costs of performing them. Empirical data and industry studies have shown that the absolute cost of fixing a security issue decreases significantly the earlier it is identified in the development cycle.

The link for this article located at net-security.org is no longer available.

Tags: Secure Software Development, Security Investment, Risk Management

Jun 08, 2004 | LinuxSecurity.com Team | Security Projects

Gene Spafford Critiques Open Source and Linux Security Design

Is open source software more secure? To most Linux enthusiasts, the answer is obvious: open source means more people can look for bugs and a faster dissemination of bug fixes. Obviously, yes. But noted security expert Gene Spafford says that this may not necessarily be true. According to the Purdue professor of computer science and co-author of Practical Unix & Internet Security, good security begins with good design, and neither Windows nor Linux have much to brag about in that category.

And while you might not agree with Spaf's assessment of the strengths of open source, you have to admit that he knows a thing or two about computer security. He's the director of Purdue's Center for Education and Research in Information Assurance and Security, and has advised a wide variety of organizations on computer security, including CERT, the FBI, the Secret Service, and the Air Force.

LP: You've been a vocal critic of both Windows and Linux's security design. What's the problem with Linux?

Spafford: Windows is awful, but well, so is Linux. Neither presents an environment that your average business user or government user or home user is able to install and use out of the box without worries. And in fact, if you look at your typical Linux distributions, with all of these tools and extra drivers and everything that's thrown on, a lot of that is programmed by people without training, without careful thought, and without careful design. That's not the argument for the kernel. The kernel is rather tightly controlled by a small group who do have expertise.

The link for this article located at LinuxPlanet is no longer available.

Tags: Open Source Security, Linux System Design, Security Insights

Oct 14, 2002 | LinuxSecurity.com Team | Server Security