![Kevin Valk](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/29110533/kevin_valk-2-codean-400x200.jpg)
What does optimal software security analysis look like?
In this Help Net Security interview, Kevin Valk, co-CEO at Codean, discusses the consequences of relying solely on automated tools for software security. He explains how these …
![Google package](https://img.helpnetsecurity.com/wp-content/uploads/2023/04/13142338/google-package-400x200.jpg)
Google delivers secure open source software packages
Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …
![fuzzing](https://img.helpnetsecurity.com/wp-content/uploads/2017/05/09104433/twitter-iot1-400x200.jpg)
Vulnerabilities in cryptographic libraries found through modern fuzzing
Recently patched vulnerabilities in MatrixSSL and wolfSSL, two open-source TLS/SSL implementations / libraries for embedded environments, have emphasized the great potential …
![Fuzz CLI](https://img.helpnetsecurity.com/wp-content/uploads/2022/09/22131547/fuzz_cli-fuzz_testing-400x200.jpg)
CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++
Fuzz testing helps developers protect their applications against memory corruptions, crashes that cause downtime, and other security issues, including DoS and uncaught …
![Apache OpenOffice](https://img.helpnetsecurity.com/wp-content/uploads/2021/09/22101136/apache-openoffice-1200_hns-400x200.jpg)
A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)
Apache OpenOffice, one of the most popular open-source office productivity software suites, sports an RCE vulnerability (CVE-2021-33035) that could be triggered via a specially …
![Google Security](https://img.helpnetsecurity.com/wp-content/uploads/2020/04/22143734/google_security-400x200.jpg)
Google aims to improve security of browser engines, third-party Android devices and apps on Google Play
Google has announced two new security initiatives: one is aimed at helping bug hunters improve the security of various browsers’ JavaScript engines, the other at helping …
![hardware](https://img.helpnetsecurity.com/wp-content/uploads/2019/08/09093707/hardware2-400x200.jpg)
Microsoft open-sources tool that enables continuous developer-driven fuzzing
Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results …
![USB](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/28135319/usb-chaos-400x200.jpg)
New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating …
![smart card](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100418/smartcard3-400x200.jpg)
Vulnerabilities in smart card drivers open systems to attackers
Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into …
![fuzzing](https://img.helpnetsecurity.com/wp-content/uploads/2017/05/09104433/twitter-iot1-400x200.jpg)
Microsoft opens fuzz testing service to the wider public
Microsoft Security Risk Detection, a cloud-based fuzz testing service previously known under the name Project Springfield, is now open to all and sundry. Fuzz testing (i.e. …
![fuzzing](https://img.helpnetsecurity.com/wp-content/uploads/2017/05/09104433/twitter-iot1-400x200.jpg)
Google found over 1,000 bugs in 47 open source projects
In the last five months, Google’s OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects, and it’s ready to integrate even more of …
![](https://img.helpnetsecurity.com/wp-content/uploads/2016/09/09110456/ms-project-springfield-400x200.jpg)
Project Springfield: Cloud-based fuzz testing for uncovering million-dollar bugs
This Monday Microsoft debuted Project Springfield, a cloud-based fuzz testing (aka fuzzing) service that the company has been working on for quite a while. David Molnar and …