LimaCharlie announces sponsorship of the Intel Owl open source project
Following our recent announcement about supporting the open source community, LimaCharlie is excited to share that we have decided to sponsor the IntelOwl project.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
WTF is Open Source
Are you looking to join an existing open source project, but don’t know where to start? Interested in finding out more about open source software in general? Looking to start a personal project but don’t know what to base it on? If the answer is yes, this event could be for you. We will be hosting a panel discussion with amazing leaders within the OS space. They will share everything from how they got involved, what they are working on at the moment as well as share any tips and tricks they learnt along the way.
Protestware is trending in open source: 4 different types and their impact
A few days ago, Snyk reported on a new type of threat vector in the open source community: protestware. The advisory was about a transitive vulnerability — peacenotwar — in node-ipc that impacted the supply chain of a great deal of developers. Snyk uses various intel threat feeds and algorithms to monitor chatter on potential threats to open source, and we believe this may just be the tip of a protestware iceberg.
Opensource from hell: malicious JavaScript distributed via opensource libraries, again
It’s open source, anyone can audit it, but is it safe? In this blog our CSO explores why distribution of malicious scripts via libraries is causing a stir amongst the open-source community and how you can defend against it.
Build a software bill of materials (SBOM) for open source supply chain security
More than ever, developers are building web applications on the foundations of open source software libraries. However, while those libraries make up the software bill of materials (SBOM) components inventory, not all developers and business stakeholders understand the significant impact on open source supply chain security that stems from including 3rd party libraries.
LimaCharlie announces sponsorship of two open-source projects
At LimaCharlie, we are building a world where people and organizations can realize their full potential without compromising security along the way. We believe that it’s best to leave security in the hands of security professionals while enabling them with powerful tools to do what they can do best. For us, these are not just words. It’s a core belief that guides everything we do. Security is about people.
Snyk Customer Story - Atlassian
Atlassian's Will Ratner, product security engineer, and Sharada Moorthy, security software development engineer, explain why they chose Snyk to scale scanning of containers and open source dependencies for vulnerabilities at Atlassian.
The Dangers of Open Source and Software Supply Chain Attacks
Supply chain attacks tripled in 2021, meaning a secure software development lifecycle is more important than ever. Do you know what open source software (OSS) components are in use within your organisation? Or how to find out?
Best Practices and Pitfalls for Using Open Source Components in Fintech
Financial technology companies are at the forefront of banking evolution, driving innovation and fighting to stay ahead of both the large bank behemoths and the next wave of fintech companies coming along behind them. In this webinar, Peak6 Director of Open Source, and Snyk Field CTO and Field CISO, discuss best practices for secure development in highly regulated Fintech companies.
Five Critically Important Facts About npm Package Security
In 2021, the WhiteSource Diffend automated malware detection platform detected and reported more than 1,200 malicious npm packages that were responsible for stealing credentials and crypto, as well as for running botnets and collecting host information from machines on which they were installed.