Enterprise Security Vendors Need An Infusion Of Open Source Culture

Forrester IT

This week, I attended IBM’s fifth annual Security Summit in New York City, an exclusive event for a who’s who of IBM’s security customers. age of the customer security & risk collaboration innovation open source Security & Risk

Majority of open source has security flaws

Computer Weekly

Software audit highlights major security weaknesses across all open source software

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Managing open-source security: a legal perspective

Computer Weekly

Open-source software is being used more widely than ever – but do IT leaders understand the legal risks

NSA Releases A New Technology to Open Source Community


Here is their press release : NSA Releases First in Series of Software Products to Open Source Community. The software is “open source,” which means its code is available to the public – in this case, through the Apache Software Foundation. By Bob Gourley.

Open-sourced Technology Levels the Playing Field Between Tech Giants and Startups


The contest between proprietary technology and open source has been ongoing for a decade.Today, some of the most premium technology is open-sourced and free. Even Google's highly prized Borg software is becoming open-sourced. Great benefits with open-source.

McAfee, IBM join forces for global open source cybersecurity initiative

Tech Republic Security

IBM, McAfee and international consortium OASIS are coming together to offer the world a way to develop open source security technologies

We love ideas like this: Open-source hardware could defend against the next generation of hacking


Pearce argue that open-source hardware could be the ultimate key against cyber attacks that companies are trying hard to find on The Conversation : You must have heard about open-source software helping in fighting cyber attacks but imagine open-source hardware doing the same job for you in much better way. Cyber Security NewsRead Prof. Joshua M.

Using Open Source Software in a SecDevOps Environment


On 21 June 2018 the Open Source Software3 Institute is hosting a discussion that should be of high interest to enterprise technologists in the DC/Northern Virginia, Maryland area. From their invite: Come hear from our panelists about how the worlds of Open Source Software and the Secure Development / Operations (SecDevOps) intersect and strengthen one [.].

Community around open-source network security monitor Bro meets at BroCon: 10-12 Oct 2018 Arlington VA


If you work in the network security world you most likely do. Bro is an open-source network security monitor. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. CTO Cyber Security Events NewsDo you know Bro? Bro has successfully bridged the traditional gap between academia and operations since its inception. […].

5 open source alternatives for routing/firewall

Network World

Economical and flexible Open source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking.

Emerging Threats: Provider of Open Source Threat Intelligence


Emerging Threats - now part of Proofpoint - is a world-leading provider of open source and commercial threat and malware intelligence. Founded in 2003 as a cyber security research community, Emerging Threats has become a de facto standard in network-based malware threat detection. The post Emerging Threats: Provider of Open Source Threat Intelligence appeared first on CTOvision.com.

Al-Qaeda Innovations Correlated To Unauthorized Disclosures By Snowden: Independent Verification Through Open Source Intelligence


Analysts can use Recorded Future to visualize information in multiple intuitive ways that can help draw out insights from an incredible array of sources. Analysis Big Data Cloud Computing CTO Cyber Security DoD and IC Al-Qaeda Edward Snowden National Security Agency snowden

Open Source Security Podcast Ep. 151-- The DARPA Cyber Grand Challenge with David Brumley


Open Source Security Podcast helps listeners better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers, the pair covers a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day

Why is IoT Popular? Because of Open Source, Big Data, Security and SDN

Data Center Knowledge

If you think the IoT is a new thing, think again. Read More. Internet of Things Shared

Red Hat and Black Duck Partner on Open Source Container Security

Data Center Knowledge

Plan to devise new way to screen containerized apps on Docker and other platforms for security vulnerabilities Read More. Shared

- Microsoft vs Open Source

Chief Seattle Greek Blog

In this environment, it sure is tempting to chuck Microsoft’s Office and web products and their complicated Enterprise and Select Agreements in favor of open source equivalents. Sure, you’ll say, Microsoft software is really prone to security flaws and attacks.

Down the rabbit hole, part 2: To ensure security and privacy, open source is required

Network World

I am currently embarking on a quest to make my entire life as private and secure as possible—while still having a good time and enjoying the fruits of the modern world. First, let me start by saying none of this is about open source or free software. This is about privacy and security and absolutely nothing else.

Review: 5 open source alternatives for routers/firewalls

Network World

Open source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking. These open source products deliver simple routing and networking features, like DHCP and DNS. Plus, they are combined with security functionality, starting with a basic firewall and possibly including antivirus, antispam and Web filtering.

5 open source security tools too good to ignore

Network World

Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked.

Open Security Controller Waiting for Developer Interest

Data Center Knowledge

Intel has contributed its Open Security Controller to the Linux Foundation. Intel Networks Open Source SecurityRead More.

Linux 112

An interview with Robert Fink, Architect of Foundry, Palantir’s open data platform Part Two: Open Source and Open Approaches


Artificial Intelligence CTO Cyber Security News PalantirEditor’s note: This post is the second of a series of three capturing the result of recent interview/discussions I had with Robert Fink of Palantir. The conversation was wide ranging, hitting on topics of design, development environments and a bit on the philosophy of enterprise tech. Several common themes emerged in those topic areas, including […].

Critical flaws found in open-source encryption software VeraCrypt

Network World

A new security audit has found critical vulnerabilities in VeraCrypt, an open-source, full-disk encryption program that's the direct successor of the widely popular, but now defunct, TrueCrypt. Users are encouraged to upgrade to VeraCrypt 1.19, which was released Monday and includes patches for most of the flaws. Some issues remain unpatched because fixing them requires complex changes to the code and in some cases would break backward compatibility with TrueCrypt.

Federal Agencies Using Open Source Solutions More Satisfied with Cloud Security: MeriTalk

Data Center Knowledge

Recent survey says 75 percent of federal IT workers want to move more services to the cloud but are held back by data control concerns. Read More. Shared

ThreatBrief: Strategic Cyber Intelligence Delivered Daily


This is an open source intelligence report modeled after the concept of the President’s Daily Brief (PDB). Every day the analysts of Cognitio succinctly provide insights into global risk and security issues in ways that can reduce your personal and business risks and inform your strategic decision making. Open Source threat briefings are foundational but almost never sufficient for reducing organizational risk.

Why it's time to stop blaming open source for ransomware attacks

Tech Republic Security

Open source may help to make software popular, but it is not making it less secure. Here's why

Managing open-source mobile security and privacy for activists worldwide | Salted Hash Ep 18

Network World

Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the world Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M.

Security for Big Data Designs: Examining best practices with security architect Eddie Garcia


The breakfast event focused on security for big data designs and featured the highly regarded security architect Eddie Garcia. Eddie Garcia is chief security architect at Cloudera , a leader in enterprise analytic data management. By Katie Kennedy.

Open source users: It’s time for extreme vetting

Network World

Open source software is the norm these days rather than the exception. Expand your security career horizons with these essential certifications for smart security pros. Discover how to secure your systems with InfoWorld's Security Report newsletter. ]. InfoWorld: Why is Red Hat getting on the soapbox about open source security? The code is being written in high volumes and turning up in critical applications.

Open-source oriented RISELab emerges at UC Berkeley to make apps smarter & more secure

Network World

UC Berkeley on Monday launched a five-year research collaborative dubbed RISELab that will focus on enabling apps and machines that can interact with the environment around them securely and in real-time. The RISELab (Real-time Intelligence with Secure Execution) is backed by a slew of big name tech and financial firms: Amazon Web Services, Ant Financial, Capital One, Ericsson, GE Digital, Google, Huawei, Intel, IBM, Microsoft and VMWare.

Google open-sources test suite to find crypto bugs

Network World

Working with cryptographic libraries is hard, and a single implementation mistake can result in serious security problems. In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long," Google security engineers Daniel Bleichenbacher and Thai Duong, wrote in a post announcing the project on the Google Security blog.

Accelerated PCAP: An Architecture for Precision Packet Capture and Analysis on High-­?Speed Networks


time view of what is happening within a network, as well as the ability to perform a retrospective review of activity, is critical to understanding and measuring performance, identifying bottlenecks, troubleshooting issues, and securing the environment. By Charles Hall.

New Mozilla fund will pay for security audits of open-source code

Network World

A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of critical security bugs like Heartbleed and Shellshock in key pieces of the software. Mozilla has set up a US$500,000 initial fund that will be used for paying professional security firms to audit project code. The initial fund will cover audits of some widely-used open source libraries and programs.

HackerOne offers bug bounty service for free to open-source projects

Network World

HackerOne, the company behind one of the most popular vulnerability coordination and bug bounty platforms, has decided to make its professional service available to open-source projects for free. Here at HackerOne, open source runs through our veins," the company's representatives said in a blog post. Our company, product, and approach is built on, inspired by, and driven by open source and a culture of collaborative software development.

IBM Acquires Red Hat, Gains a Competitive Edge

Perficient - Digital Transformation

Red Hat is the world’s leading provider of open source cloud software. IBM will become the world’s #1 hybrid cloud provider, offering companies the only open cloud solution that will unlock the full value of the cloud for their businesses.”.

IBM 56

Scale and Speed with Cyber Security


Dealing with the scale that the internet can deliver, has unfortunately left us with a series of other non-optimal cyber security approaches and solutions. Out of all the problems to deal with subverting bureaucracy to enable security scaling is the hardest. FISMA) – if it can’t be automated, don’t require it (and it probably doesn’t give you real security anyway) and third, supply chain: intentionally understanding (and automating) the software supply chain.