Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

open source

open source
Research reveals where 95% of open source vulnerabilities lie

New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from …

code
Open-source tool for security engineers helps automate access reviews

ConductorOne open-sourced their identity connectors in a project called Baton, available on GitHub. Each connector gives developers the ability to extract, normalize, and …

Kali Linux
Kali Linux 2022.4 released: Kali NetHunter Pro, desktop updates and new tools

Offensive Security has released Kali Linux 2022.4, the latest version of its popular penetration testing and digital forensics platform. New tools in Kali Linux 2022.4 Aside …

CI Fuzz CLI
CI Fuzz CLI: Open-source tool to test Java apps for unexpected behaviors

CI Fuzz CLI, the open-source Command-Line Interface (CLI) tool from Code Intelligence, now allows Java developers to easily incorporate fuzz testing into their existing JUnit …

The Security Analyst's Guide to Suricata
Introducing the book: The Security Analyst’s Guide to Suricata

In this Help Net Security video interview, Eric Leblond, CTO at Stamus Networks, talks about The Security Analyst’s Guide to Suricata, a book he co-wrote with Peter Manev. Key …

CISA free resources
5 free resources from the Cybersecurity and Infrastructure Security Agency (CISA)

The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security. CISA is in charge of enhancing cybersecurity and …

Kubernetes
The pros and cons of using open-source Kubernetes security software

Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed. In …

Open Data Discovery Platform
ODD Platform: Open-source data discovery and observability

Provectus released v0.8 of its Open Data Discovery Platform (ODDP), an open-source platform that helps data-driven enterprises democratize their data. Designed to overcome the …

Kangas
Open-source tool puts machine learning dataset analysis at data scientists’ fingertips

Comet released Kangas, an open-source smart data exploration, analysis and model debugging tool for machine learning. Kangas, available on GitHub, helps users understand and …

Backstage
Critical vulnerability in Spotify’s Backstage discovered, patched

A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …

open source
Open-source software fosters innovation, but only with the right controls in place

In businesses of all sizes, open-source software is a crucial component of the software supply chain, but the OSS supply chain is also facing new security issues – calling for …

open source security
Following Log4j: Supporting the developer community to secure IT

How bad was the Log4j vulnerability for open source’s reputation? One of the most high-profile exploits in recent years, it even led to a government advisory from the UK’s …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools