Open Source Security Tools and Applications
- April 28, 2015
An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business.
- March 23, 2015
A new open source security tool from CERT, dubbed 'Tapioca,' shows that Android app vulnerabilities are ubiquitous, according to new research from IBM.
- March 20, 2015
News roundup: Researchers at the 2015 Pwn2Own exploited every major Web browser, casting doubt on browser security once again. Plus: high-severity OpenSSL update; IE being phased-out in Windows 10; Americans dodging online surveillance.
- March 13, 2015
News roundup: Hillary Clinton's decision to use a private email domain and server has created a firestorm over her email security mistakes. Plus: OpenSSL audit, Blue Coat acquisition, more Equation details emerge.
- February 23, 2015
Use of Cisco's OpenAppID application-layer traffic-detection tool is still modest compared to Snort, but the networking giant says it can help enterprises improve traffic visibility on internal applications.
- February 13, 2015
News roundup: While data sharing can boost intelligence and improve security, recent events show the benefits don't always outweigh the pitfalls. Plus: Chip-enabled POS systems coming quickly; MongoDB databases exposed; sophisticated phishing scams.
- October 08, 2014
Yahoo says a reported attack was not the result of a Shellshock exploit, but researchers have found new vulnerabilities in SSH key-management and network-attached storage systems.
- October 03, 2014
Shellshock and Heartbleed showed how flawed even ubiquitous open-source software components can be, but experts say that doesn't necessarily mean the open-source security model is to blame.
- April 24, 2014
A number of tech giants have pledged financial help to OpenSSL and other open source projects after the Heartbleed bug exposed numerous issues.
- March 04, 2014
Experts say Microsoft's EMET security tool remains valuable to enterprise security teams if used as one layer in a larger security strategy.