Open Source Security Tools and Applications
- April 28, 2015
An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business.
- March 23, 2015
A new open source security tool from CERT, dubbed 'Tapioca,' shows that Android app vulnerabilities are ubiquitous, according to new research from IBM.
- March 20, 2015
News roundup: Researchers at the 2015 Pwn2Own exploited every major Web browser, casting doubt on browser security once again. Plus: high-severity OpenSSL update; IE being phased-out in Windows 10; Americans dodging online surveillance.
- March 13, 2015
News roundup: Hillary Clinton's decision to use a private email domain and server has created a firestorm over her email security mistakes. Plus: OpenSSL audit, Blue Coat acquisition, more Equation details emerge.
- February 23, 2015
Use of Cisco's OpenAppID application-layer traffic-detection tool is still modest compared to Snort, but the networking giant says it can help enterprises improve traffic visibility on internal applications.
- February 13, 2015
News roundup: While data sharing can boost intelligence and improve security, recent events show the benefits don't always outweigh the pitfalls. Plus: Chip-enabled POS systems coming quickly; MongoDB databases exposed; sophisticated phishing scams.
- October 08, 2014
Yahoo says a reported attack was not the result of a Shellshock exploit, but researchers have found new vulnerabilities in SSH key-management and network-attached storage systems.
- October 03, 2014
Shellshock and Heartbleed showed how flawed even ubiquitous open-source software components can be, but experts say that doesn't necessarily mean the open-source security model is to blame.
- April 24, 2014
A number of tech giants have pledged financial help to OpenSSL and other open source projects after the Heartbleed bug exposed numerous issues.
- March 04, 2014
Experts say Microsoft's EMET security tool remains valuable to enterprise security teams if used as one layer in a larger security strategy.
- February 25, 2014
The networking giant unveils a new strategy highlighting Sourcefire technology, including new open source application firewall features for Snort.
- December 18, 2013
CloudFlare hopes its open-sourced Red October server encryption software, based on the 'two-man rule,' can help thwart rogue insiders and secure Web.
- December 05, 2013
A new website built by Troy Hunt enables possible data breach victims to discover compromised accounts from several high-profile breaches.
- April 11, 2012
The commonly used tool contains an error that can be executed remotely by attackers, giving them root access to a system. Proof-of-concept code is available, experts warn.
- September 16, 2010
Microsoft's popular Web framework, ASP.NET, fails to protect encrypted cookies that store online credentials on some popular banking and shopping websites.