Don’t Leave Open Source Open to Vulnerabilities
Open-source software has become the foundation of the digital economy: Estimates are that it constitutes 70 to 90% of any given piece of modern software.
You may not want to continue using 32-bit Linux kernels if you want a secure experience.
Believe it or not, you might be using a deprecated Linux command. It’s not really your fault. You are either in the habit of using those commands or learned them from old, obsolete tutorials on the web.
Stack Overflow released the results of its annual developer survey this week, with responses from over 70,000 developers across 180 countries. The survey highlights attitudes, tools, and environments that are shaping software today.
ShiftLeft has released some rare positive news on the AppSec front by reporting that based on millions of scans on its customers, they found a 97% reduction in open source software (OSS) vulnerabilities.
Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, but those that do exhibit better security.
With the ever-growing threat of cyberattacks, it's more important than ever for businesses to invest in robust cybersecurity measures. However, many businesses lack the in-house expertise to manage their security operations needs effectively.
Let’s look at what data security looks like on Linux and the often-exaggerated claims that accompany it.
Linux is a coveted target. It is the host operating system for numerous application backends and servers and powers a wide variety of internet of things (IoT) devices. Still, not enough is done to protect the machines running it.
"It’s important for the industry to understand that open source development burnout is real and can have a significant impact upon those who depend on the projects they maintain. Incentivize and recognize efforts. Don’t just take, but give back to the community."
Computer security only happens when software is kept up to date. That should be a basic tenet for business users and IT departments. Apparently, it isn’t. At least for some Linux users who ignore installing patches, critical or otherwise. A recent survey sponsored by TuxCare, a vendor-neutral enterprise support system for commercial Linux, shows companies fail to protect themselves against cyberattacks even when patches exist.
Red Hat recently released The State of Enterprise Open Source 2022 report, which highlights the changing perceptions about the use of the open source development model in the enterprise technology space. Now in its fourth year, the survey of nearly 1,300 IT decision makers reveals how organisations are increasingly shifting to open source software solutions to address COVID-19 related challenges and tackle new market demands for quality, speed and an evolving cybersecurity landscape.
How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute.
To prevent Linux exploits, organizations should establish an integrated security approach that extends to the network edge.
From ethical concerns, a desire for more money, and simple obnoxiousness, a handful of developers are ruining open-source for everyone.
There are hundreds of thousands of Linux and Raspberry Pi devices connected to the internet right now, protected by nothing more than the default password, that are proving a major security weak link.
Learn how an open source program office (OSPO) - a bureau of open source experts within your organization dedicated to overseeing how your company uses, creates and contributes to free software - could help secure your software supply chain.
A big majority (89%) of IT chiefs believe open-source software is as secure as proprietary software, according to a survey by IBM-owned Red Hat, the maintainer of Red Hat Enterprise Linux (RHEL).
There's a lot of FUD about how Linux is being shown recently to be less secure than proprietary systems. That's nonsense. But, now there are hard facts from Google's Project Zero, Google's security research team, showing Linux's developers do a faster job of fixing security bugs than anyone else, including Google.
Devs and maintainers are getting paid ... though not to concentrate on security.