#open-source-security

[ follow ]
Privacy professionals
fromInfoQ
3 months ago

Implement the EU Cyber Resilience Act's Requirements to Strengthen Your Software Project

The European Cyber Resilience Act is a significant development aimed at enhancing cybersecurity across the continent.
Software development
fromDevOps.com
4 months ago

Google's OSV-Scanner V2: Leveling Up Vulnerability Management for Developers - DevOps.com

Google's OSV-Scanner V2.0 improves vulnerability management with advanced scanning capabilities, catering to a range of programming languages and formats.
fromDevOps.com
4 months ago

GitHub Action Compromise Risks Data Leaks for 23,000 Repositories - DevOps.com

A widely used GitHub Action has been compromised to leak sensitive information from public repositories.
DevOps
fromArs Technica
4 months ago

Large enterprises scramble after supply-chain attack spills their secrets

Open-source software tj-actions/changed-files was compromised with credential-stealing code, affecting thousands of organizations and highlighting vulnerabilities in software supply chains.
Information security
fromITPro
5 months ago

86% of enterprise codebases contain open source vulnerabilities

86% of codebases contain open source vulnerabilities, with many classified as high or critical risk.
Organizations must address dependency management to mitigate security risks in software development.
Information security
fromDeveloper Tech News
5 months ago

Matan Giladi, Apiiro: Guarding your code against malicious patterns

Malicious code remains a significant threat, highlighting the need for better security tools in software supply chains.
Apiiro has introduced open-source tools to enhance security against malicious code attacks.
fromDevOps.com
11 months ago

Endor Labs Adds Analytics and Patching Tools to Secure Open Source Software - DevOps.com

Endor Labs introduced the ability to assess how challenging it may be to upgrade open source software, identifying potential application disruptions. This aids DevSecOps in decision-making.
Information security
[ Load more ]