Open Source

Balancing Security: When to Leverage Open-Source Tools vs. Commercial Tools

Nov 15, 2024 By Mackenzie Jackson In Aikido

When deciding what approach to use for security tooling, it seems like there are two choices. Like everything in security, there is more to unpack in reality. In this article I want to explore when open-source security tools should be used, when commercial tools are more effective, and if we can trust tools built from an open-source core.

Read Post

Aikido

Read more about Balancing Security: When to Leverage Open-Source Tools vs. Commercial Tools

Secure Python code faster with Code Sight: Real-time issue detection in Visual Studio | Black Duck

Nov 12, 2024 By Synopsys In Synopsys

Join David Bohannan, an R&D engineer at Black Duck, as he demonstrates using Black Duck's IDE plug-in, Code Sight to run static analysis on Python code within Visual Studio. Watch as Code Sight instantly detects vulnerabilities like OS command injection and cross-site request forgery while code is being written, helping developers fix issues early in the software lifecycle. David will demonstrate how leveraging Coverity's Rapid Scanning engine through Code Sight can allow developers to tackle issues such as secret scanning and ensure hardcoded secrets are flagged before they become risks to applications further downstream.

View Video

Synopsys

Read more about Secure Python code faster with Code Sight: Real-time issue detection in Visual Studio | Black Duck

Chris Hughes Reviews Jit's Open ASPM Platform

Nov 1, 2024 By Jit In Jit

Chris provides his perspective on Jit's approach to unifying leading open source product security scanners in one place to consolidate scanning, prioritization, and remediation.

View Video

Jit

Read more about Chris Hughes Reviews Jit's Open ASPM Platform

OpenRelik - OSS platform for collaborative digital forensic investigations with Johan Berggren

Oct 30, 2024 By LimaCharlie In LimaCharlie

Johan Berggren, Staff Security Engineer at Google, joined Defender Fridays to discuss OpenRelik - an OSS platform designed for collaborative digital forensic investigations.

View Video

LimaCharlie

Read more about OpenRelik - OSS platform for collaborative digital forensic investigations with Johan Berggren

SOSS Fusion 2024: Uniting Security Minds for the Future of Open Source

Oct 25, 2024 By Dwayne McDaniel In GitGuardian

Discover key takeaways from SOSS Fusion 2024, where security experts gathered to learn from one another about improving our world, AI, and the future of open-source security.

Read Post

GitGuardian

Read more about SOSS Fusion 2024: Uniting Security Minds for the Future of Open Source

Open Source Security for Hardening

Oct 14, 2024 By John Gates In CalCom

OS hardening refers to the process of enhancing the security of an operating system by implementing various measures and practices to minimize vulnerabilities and strengthen its resistance against potential cyber threats and attacks. This involves configuring the OS settings, applying security patches, disabling unnecessary services, and implementing access controls to create a more robust and secure computing environment.

Read Post

CalCom

Read more about Open Source Security for Hardening

Going beyond reachability to prioritize what matters most

Oct 1, 2024 By Jamie Smith In Snyk

Most modern applications contain a substantial number of open source packages, libraries, and frameworks. In fact, it's estimated that at least 80% of the source code in modern applications is from open source. In addition to relying heavily on commodity components to build applications, development teams often deploy these apps and services via community-sourced container base images.

Read Post

Snyk

Read more about Going beyond reachability to prioritize what matters most

Supply Chain Issues with OSS Libraries | Carlos Perez | Defender Fridays

Sep 12, 2024 By LimaCharlie In LimaCharlie

Carlos Perez, Director of Security Inteligence at TrustedSec, joined us to discuss Supply Chain Issues with OSS Libraries.

View Video

LimaCharlie

Read more about Supply Chain Issues with OSS Libraries | Carlos Perez | Defender Fridays

Making Sense of Open-Source Vulnerability Databases: NVD, OSV, and more

Jul 26, 2024 By Guest Expert In GitGuardian

Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise.

Read Post

GitGuardian

Read more about Making Sense of Open-Source Vulnerability Databases: NVD, OSV, and more

Better Security and Performance For Free? Why PostgreSQL is Amazing

Jul 24, 2024 By Guardians In GitGuardian

Upgrade your PostgreSQL instance to the newest version with confidence! In this benchmarking blog post, we show you the performance improvements you can expect when upgrading from PostgreSQL 13 to 16.

Read Post