Please turn on your JavaScript for this page to function normally.
Tython
Tython: Open-source Security as Code framework and SDK

Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must …

GitHub
GitHub introduces private vulnerability reporting for open source repositories

GitHub has announced that its private vulnerability reporting feature for open source repositories is now available to all project owners. General availability The private …

OSC&R
OSC&R open software supply chain attack framework now on GitHub

OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the …

ChatGPT
How ChatGPT is changing the cybersecurity game

The cybersecurity industry can leverage GPT-3 potential as a co-pilot to help defeat attackers, according to Sophos. The latest report details projects developed by Sophos …

GitHub to introduce mandatory 2FA authentication starting March 13

Starting March 13, GitHub will gradually introduce the 2FA enrollment requirement to groups of developers and administrators, beginning with smaller groups. This measured …

dev
Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits

GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10,000,000 secrets occurrences (+67% compared to 2022). What is interesting …

Burp Suite extensions
5 open source Burp Suite penetration testing extensions you should check out

When it comes to assessing the security of computer systems, penetration testing tools are critical for identifying vulnerabilities that attackers may exploit. Among these …

Handshake
Veza integrates with GitHub to secure customers’ data

With Veza and GitHub integration, Veza customers who use GitHub can now keep company IP out of the hands of threat actors by managing access permissions to the organization’s …

git
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)

A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …

bug
70% of apps contain at least one security flaw after 5 years in production

Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Their …

open source
Nosey Parker: Find sensitive information in textual data and Git history

Praetorian has open-sourced the regular expression-based (RegEx) scanning capabilities of its Nosey Parker secret scanning tool. Scanning filesystem content for secrets …

code
Open-source tool for security engineers helps automate access reviews

ConductorOne open-sourced their identity connectors in a project called Baton, available on GitHub. Each connector gives developers the ability to extract, normalize, and …

Don't miss

Cybersecurity news