open source
5 free resources from the Cybersecurity and Infrastructure Security Agency (CISA)
The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security. CISA is in charge of enhancing cybersecurity and …
The pros and cons of using open-source Kubernetes security software
Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed. In …
ODD Platform: Open-source data discovery and observability
Provectus released v0.8 of its Open Data Discovery Platform (ODDP), an open-source platform that helps data-driven enterprises democratize their data. Designed to overcome the …
Open-source tool puts machine learning dataset analysis at data scientists’ fingertips
Comet released Kangas, an open-source smart data exploration, analysis and model debugging tool for machine learning. Kangas, available on GitHub, helps users understand and …
Critical vulnerability in Spotify’s Backstage discovered, patched
A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …
Open-source software fosters innovation, but only with the right controls in place
In businesses of all sizes, open-source software is a crucial component of the software supply chain, but the OSS supply chain is also facing new security issues – calling for …
Following Log4j: Supporting the developer community to secure IT
How bad was the Log4j vulnerability for open source’s reputation? One of the most high-profile exploits in recent years, it even led to a government advisory from the UK’s …
Ghostwriter: Open-source project management platform for pentesters
In this Help Net Security video, Christopher Maddalena, Director of Internal and Community Product at SpecterOps, showcases Ghostwriter, which helps you manage clients, …
MyOpenVDP: Open-source web application to securely disclose vulnerabilities
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available …
What closed-source software developers can learn from their open-source counterparts
Open-source software has reached greater levels of security than ever before, but its increased adoption comes with new challenges. In this Help Net Security video, Josep …
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those …
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …
Featured news
Resources
Don't miss
- Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025