Open Source Software Vulnerabilities Increased By 130% in 2019


The number of open source software (OSS) vulnerabilities more than doubled in 2019 compared with 2018, a new RiskSense report has shown. Total common vulnerabilities and exposures (CVEs) reached […].

Where’s The Value In Open Source?

Forrester IT

In a brand-new stream of research, VP and principal analyst James Staten and I will be taking a close look at open source software (OSS) as a strategy for modern businesses. We are seeking your help on answering a few burning questions related to our initial upcoming report, “The Case For An Open Source Strategy,” […].


Open source security report finds library-induced flaws in 70% of applications

Tech Republic Security

Problems are everywhere, but most fixes are easy to find and implement, according to a Veracode report that analyzed

What Every Open Source Project Needs


In the last few years open source has transformed the software industry. From Android to Wikipedia, open source is everywhere, but how does one succeed in it? While open source projects come in all shapes and sizes and all forms of governance, no matter what kind of project you’re a part of, there are a set of fundamentals that lead to success. What Every Successful Open Source Project Needs. Open Source is taking over the world.

Al-Qaeda Innovations Correlated To Unauthorized Disclosures By Snowden: Independent Verification Through Open Source Intelligence


Analysts can use Recorded Future to visualize information in multiple intuitive ways that can help draw out insights from an incredible array of sources. By Bob Gourley. Students of history know what happens when adversaries learn how the good guys collect intelligence on them.

Linux Foundation: Open Source Code Worth $5B

Data Center Knowledge

Report attempts to quantify value of collaborative code.

ThreatBrief: Strategic Cyber Intelligence Delivered Daily


This is an open source intelligence report modeled after the concept of the President’s Daily Brief (PDB). To ensure you never miss a report, sign up for the Threat Brief here. Open Source threat briefings are foundational but almost never sufficient for reducing organizational risk.

Pivotal CEO Hints At Big Shift In Their Hadoop Offerings


VentureBeat and GigaOm are both reporting that Pivotal will be announcing some big shifts in their Hadoop and other related offerings (recall that Pivotal is the firm spun off from EMC and VMware and has GE as a major investor). By Michael Johnson.

Demise of OpenStack Innovation Center does not mean demise of OpenStack

Forrester IT

The ever-dependable Barb Darrow at Fortune reported late last week that the OpenStack Innovation Center (OSIC) is to shut down. But this may not be quite so bad as it appears, because the OpenStack Innovation Center isn't nearly so critical to the open source cloud computing project as its name might imply.

ThreatBrief: Strategic Cyber Intelligence Delivered Daily


This is an open source intelligence report modeled after the concept of the President’s Daily Brief (PDB). To ensure you never miss a report, sign up for the Threat Brief here. Open Source threat briefings are foundational but almost never sufficient for reducing organizational risk. The Daily Threat Brief provides strategic insights into threats.

Pioneering Tech Blog GigaOm Abruptly Shuts Down


Here is more on the GigaOm Shutdown: Om Malik provided the most important insight to read on his personal blog, reporting that: Gigaom is winding down and its assets are now controlled by the company’s lenders. By Bob Gourley.

Open source users: It’s time for extreme vetting

Network World

Open source software is the norm these days rather than the exception. InfoWorld: Why is Red Hat getting on the soapbox about open source security? The code is being written in high volumes and turning up in critical applications. While having this code available can offer big benefits, users also must be wary of issues the code can present and implement proper vetting.

The Threat Brief: Providing daily context on threats to your mission


The newly revised formats and enhanced reporting of our daily ThreatBrief have caused readership to take off.

Marc Andreessen on the Future of Technology and Automation, Robotics, and AI can Impact Government Service


Government use cases for them include weather reporting, law enforcement, health, environmental monitoring, traffic control, safety, emergency response and communications. By Bob Gourley. This is the third installment in our series flowing from recent dialog with Marc Andreessen.

Our Freemium Future: Development teams take advantage of free, entry-level versions of software 


From the perspective of Michael Williams, BIRT Product Evangelist & Forums Manager at reporting and analytics leader Actuate, freemium software is a resource that can really help the enterprise. While they seem similar, it’s worth saying at this juncture that freemium and open source are not the same thing. Freemium software can be based on open source code, but the code inside the freemium software is not exposed.

HackerOne offers bug bounty service for free to open-source projects

Network World

HackerOne, the company behind one of the most popular vulnerability coordination and bug bounty platforms, has decided to make its professional service available to open-source projects for free. "Here at HackerOne, open source runs through our veins," the company's representatives said in a blog post. "Our company, product, and approach is built on, inspired by, and driven by open source and a culture of collaborative software development."

ForgeRock: The Open Identity Stack


Their open source foundation makes them incredibly interoperable so they work well with legacy IT as well as the most. Registering as a CTOvision Pro member provides unique insights, exclusive content and special reporting that can help you achieve more in your professional life. With this post we are initiating formal coverage of ForgeRock, a firm we have written about in the past and have informally followed since their formation.

Defense Department needs to embrace open source or military will lose tech superiority

Network World

The Department of Defense needs to move past open source myths that have been debunked and jump on the open source bandwagon or the DoD and U.S. military will not be able to maintain tech superiority, warns a Center for a New American Security (CNAS) report. “Unless the department is able to accelerate how it procures, builds, and delivers software, it will be left behind,” said the authors of “Open Source Software and the Department of Defense” (pdf).

New White Paper, “The Public Sector Improves Security and Efficiency with Hadoop”, Available in Research Library


Good Government includes preventing fraud, waste, and abuse; delivering timely and accurate public reporting; analyzing citizen engagement with social media. With its efficient use of commodity hardware and its ability to scale linearly, open-source Apache Hadoop is an ideal platform upon which to offload many data processing workloads. By Charles Hall. Interested in using Hadoop in the federal space?

What Do CIOs Need To Know About Hadoop?

The Accidental Successful CIO

Hadoop is an open source database for dealing with big data that CIOs are getting excited over. Hadoop is an open source database that offers the promise of allowing you to get on top of this flood of data and to be able to make sense out of it.

Report: OpenStack Deployments Move Beyond Test and Dev

Data Center Knowledge

Study also finds open source cloud infrastructure software deployments aren't limited to large enterprise.

Hortonworks Named a Leader in Big Data Hadoop Distributions Report


invited to participate in its January 2016 report entitled "The Forrester Wave™: Big Data Hadoop Distributions, Q1 2016." It was noted in the Forrester Report that, "Hortonworks doubles-down on inclusive, broad community innovation. Hortonworks is a rock when it comes to its promise to offer a 100% open source distribution. All of the technology built into HDP is an Apache open source project. Katie Kennedy.

May and June 2015 Server StorageIO Update Newsletter

Storage IO Blog


Some Good News About Application Security

Forrester IT

In my new report, “The State Of Application Security, 2020,” some of the trends are. Applications remain the most popular attack vector, open source continues to infect everything, and too many industries are not investing in the application security controls they need.

December Tech Trends Report and 2016 Enterprise Tech Projections


Welcome to December's Technology Trends report. If you would like to change the e-mail address you get this report on please visit this link: [link]. Open up new methods for criminals to steal information. And to tailor your news by topic area please visit the sites below and subscribe to the specific social media feeds and newsletters that most interest you: - Providing an updated feed of open source threat intelligence reporting, including a daily report.


Looking Back: 2019 Project Report Card

Scott Lowe

Then, near the end of that same year or very early in the following year, I evaluate how I performed against that list of personal projects (for example, here’s my project report card for 2018). For reference, here’s the list of projects I set out for myself for 2019 (you can read the associated blog post, if you like, for additional context): Make at least one code contribution to an open source project.

Sign Up For The Daily Threat Brief: Receive Strategic Cyber Intelligence Each Morning


The Daily Threat Brief is an open source intelligence report modeled after the concept of the President’s Daily Brief (PDB). This free report provides strategic insights into the cyber threats you need to track. The report is produced by the analysts of Cognitio to provide insights into global risk and security issues. The insightful information in […].

Stand By For Reporting From the Intelligence and National Security Summit 18-19 Sep 2014 #Intelligence2014


I can’t wait to hit the expo floor and learn the latest and will be reporting more here for our CTOvision Pro readers. Director for Analysis, Open Source Center. By Bob Gourley. For the next two days in DC over 1000 key leaders from the national security community will be converging in a dynamic examination of intelligence and national security issues at the Intelligence and National Security Summit.


Looking Back: 2018 Project Report Card

Scott Lowe

Over the last five years or so, I’ve shared with my readers an annual list of projects along with—at the year’s end—a “project report card” on how I fared against the projects I’d set for myself. (For example, here’s my project report card for 2017.) Following that same pattern, then, here is my project report card for 2018. Make three contributions to open source projects.

Looking Back: 2017 Project Report Card

Scott Lowe

So, here’s a look back at my 2017 projects and a report card on my progress (or lack thereof, in some cases). Launch an open source book project. Finish the network automation book: I’m happy to report that all the content for the network automation book I’ve been writing with Jason Edelman and Matt Oswalt is done, and the book is currently in production (and should be available to order from O’Reilly very soon).

Connecting MongoDB in Power BI

Perficient - Digital Transformation

MongoDB is a free and open source NoSQL database which uses JSON-like documents.

How to make data lakes reliable


High quality, reliable data forms the backbone for all successful data endeavors, from reporting and analytics to machine learning. Delta Lake is an open-source storage layer that solves many concerns around data.

Looking Back: 2016 Project Report Card

Scott Lowe

Make more open source contributions. Make more open source contributions: This is another area I continue to struggle. While I make “contributions” (in a very loose sense of the word) to various open source projects through blogging and education, it’s still not the same. In 2016, I made zero contributions to any significant open source project.

Snakes in the Satellites: PassiveTotal provides an update on a massive adversary infrastructure


In February PassiveTotal provided an update on research into a known adversary campaign that has been reported by Kaspersky as APT Command and Control in the Sky. Bob Gourley.

Looking Back: 2015 Project Report Card

Scott Lowe

Make more open source contributions. Make more open source contributions: I expected this one to be easy, but it turns out that this is the area where my performance is the worst. I submitted a pull request to Terraform (for a docs update), but I did not make the contributions I had expected (or planned) to make to projects like OpenStack, Open vSwitch (OVS), or Open Virtual Network (OVN).

Looking Back: 2012 Project Report Card

Scott Lowe

Become more familiar with Xen (and Open vSwitch and OpenStack). My work with Open vSwitch (OVS) was pretty good, probably the best out of the group. Looking Back: 2012 Project Report Card. Open Source Tools and Projects I Should Learn. About a year ago, I posted a look at my planned projects for 2012. Now, a year later, it’s time to review my progress (or lack thereof) and measure myself on how well I did (or didn’t) do on those projects.

Emerging Technologies To Power Your Systems Of Insight

Forrester IT

In 2015, Ted Schadler and I published the first of my ideas in the report "Digital Insights Are The New Currency Of Business." In that report, we pointed out what was wrong - big data only focused on how to turn more data into more insight. In that report we defined a system of insight, which focused big data energy on implementing insights in software using closed loops that create action and continuous learning.


Navigate The Kubernetes Ecosystem

Forrester IT

Open source frameworks and commercial solutions such as CoreOS Tectonic, Mesosphere DC/OS, and Docker Datacenter (as part of Docker Enterprise Edition) can cover most of the major enterprise features around container orchestration. There are also open source tools that include some but not all orchestration features, such as Apache Mesos for task scheduling and etcd for service discovery.

Understanding Readium – Features, Architecture and Alternatives


The Open Source Foundation aims to develop technology for expediting the adoption of ePUB3 and the Open Web Platform by the Digital Publishing Industry. It strives to deliver leading-edge functionality that is fully specified, free, open, and interoperable.

Looking Back: 2013 Project Report Card

Scott Lowe

If anyone has any other suggestions for additional tools, I’m open to your feedback. Continue using Puppet for automation: I’ve made reasonable progress here, expanding my use of Puppet to include managing Debian/Ubuntu software repositories (see here and here for examples), managing SSH keys, managing Open vSwitch (OVS) via a third-party module, and—most recently—exploring the use of Puppet with OpenStack (no blog posts—yet).

Fad? No, containers are here to stay

David Linthicum

You probably already assumed this, but RightScale's new State of the Cloud report confirms that containers -- exemplified by Docker and CoreOS -- are undergoing rapid growth. Indeed, I see the same trend in my research. The quick uptake of containers makes a lot of sense given what they offer.

Twitter engineers pushed to replace ‘master’ and ‘slave’ programming terms

The Verge

Twitter engineers have been working since January on an internal effort to replace problematic yet commonplace programming language like “master” and “slave,” CNET reported.

S3motion Buckets Containers Objects AWS S3 Cloud and EMCcode

Storage IO Blog

It’s springtime in Kentucky and recently I had the opportunity to have a conversation with Kendrick Coleman to talk about S3motion, Buckets, Containers, Objects, AWS S3, Cloud and Object Storage, node.js, EMCcode and open source among other related topics which are available in a podcast here, or video here and available at