software
Sigstore: Signature verification for protection against supply chain attacks
Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies …
Review: Hornetsecurity 365 Total Protection Enterprise Backup
Hornetsecurity 365 Total Protection Enterprise Backup is a cloud-based data protection and security solution that provides protection against spam, malware, and other advanced …
Kali Linux 2022.2 released: Desktop enhancements, tweaks for the terminal, new tools, and more!
Offensive Security has released Kali Linux 2022.2, the latest version of its popular penetration testing and digital forensics platform. Cosmetic changes Kali Linux 2022.2 …
Principles for Kubernetes security and good hygiene
Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations is required to make it less vulnerable. What’s …
The state of open-source software supply chain security in 2022
In this video for Help Net Security, Donald Fischer, CEO at Tidelift, talks about the state of open-source software supply chain security in 2022. Open source is the modern …
Challenges development teams face when building applications with open source
Tidelift released a report providing critical insights into the state and practice of open source software supply chain management. This comprehensive study of nearly 700 …
86% of developers don’t prioritize application security
Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers …
Security flaws found in 82% of public sector software applications
Veracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest …
Why banks should incorporate software bill of materials (SBOM) into their third-party risk programs
In the face of rising cybersecurity threats, the Biden administration issued an executive order in May 2021 calling for improvements in the supply chain. Among the recommended …
The Linux Foundation’s Census of OSS app libraries helps prioritize security work
The Linux Foundation announced the final release of “Census II of Free and Open Source Software – Application Libraries,” which identifies more than one thousand of the …
Attackers used Dridex to deliver Entropy ransomware, code resemblance uncovered
Sophos released research that details code similarities in the general-purpose Dridex botnet and the little-known ransomware, Entropy. The similarities are in the software …
Software supply chain security still a pain point
ActiveState announced the results of its survey, providing insights into the security challenges of the software industry’s open source supply chain, which includes the …