The country’s top cybersecurity agency is continuing to urge software developers to adopt memory-safe programming languages to help reduce the number of vulnerabilities in their products.
Friend or Foe? ChatGPT’s Impact on Open Source Software
OpenAI’s ChatGPT took the world by storm, amassing 100 million users in the first two months after its public launch. The continued interest in the tool has created a buzz among developers, especially those in the open source community. But this begs the question: How will ChatGPT impact open source software? Amid the excitement and […]
Report Identifies Top 10 Open Source Software Risks
Endor Labs, a provider of a platform for managing open source software, published a report that classifies the top 10 open source software risks of 2023. The company published the list as part of an effort to better educate application development teams about issues that can lead to software supply chain compromises. That list includes: […]
Managing Risk
We have built some beautiful toolchains that crank out a finished product on the fly without needing anything close to the level of intervention that was historically required. The most advanced organizations on an automation journey could change a line of code and then wait for the new version to hit production without doing a […]
groundcover Launches OSS Cluster Map
Tel Aviv, ISRAEL, January 9, 2023 – groundcover, a startup with a mission to reinvent the cloud-native application monitoring domain with eBPF, launches Caretta today: an OSS tool which helps teams instantly create a visual network map of the services running in their cluster. Caretta leverages eBPF technology to collect data in an efficient way […]
TechStrong Con: Open Source Software Community Needs Security Help
The only way to make significant improvements in the state of open source security is if more organizations that benefit from open source projects commit to making more resources available to achieve that goal. At the virtual TechStrong Con event, executives on an Open Source and DevOps panel called for more contributions from enterprise IT […]
Sysdig Open Source is Extended to Secure Cloud Services
New integration enables any Falco plugin to be used for Sysdig OSS. VALENCIA, SPAIN (KubeCon + CloudNativeCon Europe), May 16, 2022 — Sysdig, the unified container and cloud security leader, announced that Sysdig open source, the incident response standard for containers, has been extended to the cloud. Using system calls, Sysdig open source (Sysdig OSS) […]
Agile Development at 20: Can it Thrive in the Hybrid Work Era?
The Agile Manifesto turns 20 this year, and while many of the core tenets are still applicable, the world has changed considerably in the last two decades. What would the Agile Manifesto look like if it was written today and took into consideration our new reality of hybrid working environments? Changes are most definitely needed, […]
Secure Software Summit: Measuring and Mitigating OSS Risks
Measuring and mitigating the security risks in open source software is becoming a major issue in the software development community. Attacks on open source software (OSS) are on the rise; open source supply chain attacks grew 650% in 2021—a staggering number. 2021 and early 2022 saw significant attacks which impacted more than 1,000 organizations. The […]
Secure Software Summit: The State of OSS Supply Chain Security
The open source software (OSS) supply chain is under attack. As evidenced by the recent Log4Shell vulnerability, the OSS supply chain is increasingly a focus for attackers seeking to exploit weak links in security. A number of research reports have recorded a significant increase in so-called ‘next-gen software supply chain attacks’ over the past decade. […]








