The percentage of open source code in proprietary apps is rising
The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging …
auditing
IT audit best practices: Technological changes give rise to new risks
IT security and privacy, IT governance and risk management, regulatory compliance, emerging technology and cloud computing are the key issues impacting IT audit plans in 2018, …
Wire shares results of independent security audit of its secure messaging apps
When I last spoke to Alan Duric, co-founder and (at the time) CEO of the company developing secure messaging application Wire, he stressed the importance of independent and …
Soon, organizations will be valued on their information portfolios
By 2021, the prevalence of equity analysts valuing organizations’ information portfolios in valuing businesses themselves will spark formal internal information …
Security audit of Dovecot mailserver reveals good security practices
Dovecot – a popular open source IMAP and POP3 server for Linux/UNIX-like systems – is as secure as its developers claim it is. A security audit performed by German …
OpenVPN to get two separate security audits
VPN service Private Internet Access (PIA) announced that they have contracted noted and well-reputed cryptographer Dr. Matthew Green to perform a security audit of OpenVPN. …
80% of digital publishers don’t know how their web traffic is audited
The burden of proof is on publishers to defend their web traffic, yet 80 percent admit they don’t have insight into how their traffic is audited, raising questions about which …
Announced: Independent OpenVPN security audit
VPN service Private Internet Access (PIA) has just announced that they have contracted noted and well-reputed cryptographer Dr. Matthew Green to perform a security audit of …
VeraCrypt security audit reveals many flaws, some already patched
VeraCrypt, the free, open source disk encryption software based on TrueCrypt, has been audited by experts from cybersecurity company Quarkslab. The researchers found 8 …
Quickly audit and adjust SSH server configurations with SSH-audit
SSH-audit is a standalone open source tool for auditing and fixing SSH server configurations. It has no dependencies and will run wherever Python is available. It supports …
Mozilla will fund code audits for open source software
The Mozilla Foundation has set up the Secure Open Source (SOS) Fund, whose aim is to help open source software projects get rid their code of vulnerabilities. “The Fund …
Docker Security Scanning: Generate a security profile for Docker images
Docker announced Docker Security Scanning, an opt-in service for Docker Cloud private repo plans that provides a security assessment of the software included in container …