AWS Open Sources Security Tools
AWS is open sourcing its Cedar policy language and authorization engine and Snapchange, an open source snapshot-based fuzzing tool.
AWS is open sourcing its Cedar policy language and authorization engine and Snapchange, an open source snapshot-based fuzzing tool.
This week alongside several other Linux Foundation events in Vancouver was the Linux Security Summit. Commanding a significant presence at the Linux Security Summit was Microsoft.
The Linux Foundation has just announced the full schedule for the Embedded Open Source Summit, which will take place on June 27-30, 2023 in Prague, Czech Republic, as well as virtually starting on June 26.
A federal judge has sided with four publishers who sued an online archive over its unauthorized scanning of millions of copyrighted works and offering them for free to the public. Judge John G. Koeltl of U.S. District Court in Manhattan ruled that the Internet Archive was producing “derivative” works that required permission of the copyright holder.
More critical flaws similar to Log4Shell found in open source are almost inevitable, but Open Source Security Foundation’s (OpenSSF’s) goal is to make those incidents rare and continually make the attackers’ job harder, a Linux Foundation executive noted.
Linux Foundation Europe, an independent trusted supporter and vendor-neutral home for open source projects in Europe, today announced the official formation of the OpenWallet Foundation (OWF). This new, collaborative effort will develop open source software to support interoperability for a wide range of wallet use cases, including making payments, proving identity, storing validated credentials such as employment, education, financial standing, and entitlements — to enable trust in the digital future.
In just six months, the OpenWallet Foundation (OWF) has grown from three to 350 global organizations, including trillion-dollar companies, which intend to collaborate to create and open-source engine that “anyone can use to build interoperable, secure, and privacy-protecting digital wallets.”
The Open Metaverse Foundation (OMF), launched last week by the Linux Foundation, was created to implement the protection and interoperability standards required to drive metaverse adoption at scale, according to Royal O’Brien, a Linux Foundation GM and the executive director of OMF.
The Linux Foundation has announced plans to build an open-source metaverse which it says could be “as impactful as the World Wide Web”, so long as companies, developers, and founders come together to meet shared goals.
In the face of economic headwinds and a worsening problem with code vulnerabilities, 2022 was still a successful year for open source and The Linux Foundation (LF).
“Log4j has been around for 20 years; it’s become embedded into nearly every meaningful Java application; and the Log4Shell event led to compromises in everything from iCloud to physical security systems. Moreover, malware groups are continuing to exploit unpatched Log4j instances. We will likely see additional Log4Shell-like events unless we address its root issues.”
Microsoft announced that its Secure Supply Chain Consumption Framework (S2C2F) has been adopted by the Linux Foundation’s Open Source Security Foundation (OpenSSF) in a move to improve “supply chain security for everyone,” according to Microsoft Azure CTO Mark Russinovich.
The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, today announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform-as-a-service, semiconductors, finance, think tanks, academics, and more, bringing the total number of OpenSSF members to over 100.
IBM launched the next generation of its enterprise-grade Linux server family, IBM LinuxONE at the Government Data Center & Infrastructure Summit 2022, New Delhi on 11th November 2022.
There was a lot covered at this year’s 2022 RhythmWorld Security Conference! In one of our more technical sessions, we discussed Microsoft Sysinternals’ recent release of Sysmon for Linux, an open-source Linux system monitoring tool.
It's no secret that the IT department has struggled with encryption for Linux devices many years due to a gap in the management and compliance capability available in their current Linux solution sets.
Both Linus Torvalds' Open Source Summit keynote and Jonathan Corbet's "Kernel Report" discussed efforts to allow Rust modules in Linux.
There is no shortage of challenges when it comes to securing open source software and no shortage of ideas for how to mitigate risks.
OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing. Microsoft and Google are supporting the Alpha-Omega Project with an initial investment of $5 million.
A trio of cybersecurity conferences — BSidesLV, Black Hat USA and DEF CON — kicks off this week in Las Vegas in what’s collectively known as Hacker Summer Camp, bringing together policymakers, executives, experts, hackers and enthusiasts against a backdrop of some of the most unsettled international events of recent years.