Regula: Open source policy engine for IaC security
Fugue announced Regula 1.0, an open source policy engine for infrastructure as code (IaC) security. Available at GitHub, the tool includes support for common IaC tools such as …
Secure Code Warrior enhances partner program, extends DevSecOps vendors integrations
At its inaugural Global Partner Virtual Summit, Secure Code Warrior announced significant enhancements to its global partner program, as well as expanded integrations with …
HackerOne integrates with GitHub to enable tracking and syncing of high-priority vulnerability reports
HackerOne announced a new workflow automation integration with GitHub that enables the tracking and synchronization of high-priority vulnerability reports between HackerOne …
Open source UChecker tool detects vulnerable libraries on Linux servers
CloudLinux announced UChecker, a free open source tool that scans Linux servers for vulnerable libraries that are outdated and being used by other applications. This provides …
AlmaLinux OS 8.4: A free open source alternative to CentOS
The AlmaLinux OS Foundation announced availability of AlmaLinux OS 8.4 just one week after the release of Red Hat Enterprise Linux (RHEL) 8.4. “This is our second stable …
Open-source tool Yor automatically tags IaC resources for traceability and auditability
Yor is an open-source tool from Palo Alto Networks that automatically tags cloud resources within infrastructure as code (IaC) frameworks such as Terraform, Cloudformation, …
Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools
As modern infrastructures get more complex everyday, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of factors involved when running …
Sentry enhances platform capabilities to improve developer workflows and productivity
Sentry announced new and enhanced platform capabilities designed to improve developer workflows and productivity by making it easier to find and resolve the issues that really …
Kubestriker: A security auditing tool for Kubernetes clusters
Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …
SniperPhish: An all-in-one open-source phishing toolkit
SniperPhish is an all-in-one open-source phishing toolkit that pentesters and other security professionals can use for setting up and executing email and web-based spear …
Cloud Sniper: Manage and automate cloud security operations
Cloud Sniper is an open-source platform for managing cloud security operations that aims to make it easy for cloud teams to deal with security incidents. “One of our …
Loft Labs launches vcluster, a working virtualization technology for Kubernetes
Loft Labs announced that vcluster, a virtual cluster technology for Kubernetes, is now freely available on GitHub. Rather than creating heavyweight, resource-hungry, isolated …