One year after the Log4j disaster, open source community efforts and new developer toolchains are addressing the challenges of software supply chain security. Early December marked the one-year ...

Open source has always been a rich source of tools for security professionals. Metasploit , the open-source penetration testing framework, was for a long time the best-known.

As more of the software stack consists of third-party code, it's time for a more-advanced open source vetting system. Curtis Yanko , Principal Solutions Architect, GrammaTech October 26, 2022 ...

The importance of managing open-source software and SBOM for software security will be an ever-present concern in 2024, according to Anthony Tam, manager for security engineering at Tigera, an active ...

Open source security trends for 2025 For his work, Hughes defined open source as software for which source code is freely available and can be used to build other projects, possibly with some ...

Image: klss777/Adobe Stock. Endor Labs, a software firm that facilitates the security and maintenance of open-source software, has released a report identifying the top 10 security and operational ...

We need an open source intelligence center by Rodney Faraon and Peter Mattis, opinion contributors - 01/20/23 11:30 AM ET ...

Wazuh is one of the fastest-growing open source security platforms, with over 20 million downloads, ... Wazuh integrates with a range of security solutions like Elastic Stack, ...

The report noted a significant drop in confidence in open-source supply chain security — from 23.81% to 12.31%. This decline likely reflects increased awareness of supply chain attacks, such as the XZ ...

Wherever you may land on the security implications of using DeepSeek, it’s undeniable that its launch dropped a bomb on the AI ecosystem – and crucially, on open versus close source programming.