open source
ODD Platform: Open-source data discovery and observability
Provectus released v0.8 of its Open Data Discovery Platform (ODDP), an open-source platform that helps data-driven enterprises democratize their data. Designed to overcome the …
Open-source tool puts machine learning dataset analysis at data scientists’ fingertips
Comet released Kangas, an open-source smart data exploration, analysis and model debugging tool for machine learning. Kangas, available on GitHub, helps users understand and …
Critical vulnerability in Spotify’s Backstage discovered, patched
A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …
Open-source software fosters innovation, but only with the right controls in place
In businesses of all sizes, open-source software is a crucial component of the software supply chain, but the OSS supply chain is also facing new security issues – calling for …
Following Log4j: Supporting the developer community to secure IT
How bad was the Log4j vulnerability for open source’s reputation? One of the most high-profile exploits in recent years, it even led to a government advisory from the UK’s …
Ghostwriter: Open-source project management platform for pentesters
In this Help Net Security video, Christopher Maddalena, Director of Internal and Community Product at SpecterOps, showcases Ghostwriter, which helps you manage clients, …
MyOpenVDP: Open-source web application to securely disclose vulnerabilities
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available …
What closed-source software developers can learn from their open-source counterparts
Open-source software has reached greater levels of security than ever before, but its increased adoption comes with new challenges. In this Help Net Security video, Josep …
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those …
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …
Secure portable operating system Tails 5.5 released
Tails, based on Debian GNU/Linux, is a portable operating system that protects against surveillance and censorship, and version 5.5 is now available for download. When …
CISA releases RedEye open-source analytic tool
CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye, available on GitHub, allows an …
Featured news
Resources
Don't miss
- Deploying AI at the edge: The security trade-offs and how to manage them
- Cybercrime forums Cracked and Nulled seized, operators arrested
- SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics