With the ability to move quickly, easily integrate, and review the code’s security firsthand, it is really no surprise that many governments are turning to open source software for their IT projects and initiatives. Email systems house and transmit sensitive information that government agencies... Read more
Open source software is still software and vulnerabilities are expected. Unlike a filesystem bug or a kernel panic, they cause no pain until they strike.
In this week's edition of our open source news roundup, we take a look at the the future of Linux, Google's Internet of Things (IoT) standard, a new Code.org crowdfunding campaign, and more! Open source news for your reading pleasure. October 4 - 10, 2014
In my previous on article on Docker Security, I wrote that containers do not contain. In this second part, I cover the security features that have been added to Docker to attempt to control processes within a container.
This article is based on a talk I gave at DockerCon this year. It will discuss Docker container security, where we are currently, and where we are headed. This is part of a series on Docker security, read part two.
At this point, I have more usernames and passwords to juggle than any person should ever have to deal with. I know I'm not alone, either. We have a surfeit of passwords to manage, and we need a good way to manage them so we have easy access without doing something silly like writing them down where... Read more
The Open Web Application Security Project (OWASP) is a not-for-profit charitable organization focused on improving software security. OWASP works on the principles of open source software, particularly the idea that the community is the force of creation and contribution. The unique aspect here is... Read more
It’s been a while since I started to talk to people in the financial services ecosystem about our approach towards open source. At first, most of them thinking we were either bold, ahead of our time, or mad would listen to our story but would not really comment: "Let’s see where it goes" or "good... Read more
The United States energy grid is composed of many moving and non-moving cyber security assets that all have to, to some degree, speak the same language. The language of machine-to-machine communications has become big business lately, however devices that control how the power gets from the plant... Read more
With all the benefits of open source, improper management of its use may result in substantial legal, business, and technical risks. Most research and design managers know that they have to manage open source licenses, but not many are monitoring for security vulnerabilities and other bugs in open... Read more