Open Source Security – WindowsTechs.com

Open source, open risks: The growing dangers of unregulated generative AI

Posted on June 7, 2024 by Charles Owen-Jackson

While mainstream generative AI models have built-in safety barriers, open-source alternatives have no such restrictions. Here’s what that means for cyber crime. There’s little doubt that open-source is the future of software. According to the 2024 State of Open Source Report, over two-thirds of businesses increased their use of open-source software in the last year. […]

The post Open source, open risks: The growing dangers of unregulated generative AI appeared first on Security Intelligence.

Continue reading Open source, open risks: The growing dangers of unregulated generative AI→

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

Posted on April 8, 2024 by Cedric Pernet

Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. Continue reading XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor→

Google Offers Bug Bounties for Generative AI Security Vulnerabilities

Posted on October 31, 2023 by Megan Crouse

Google’s Vulnerability Reward Program offers up to $31,337 for discovering potential hazards. Google joins OpenAI and Microsoft in rewarding AI bug hunts. Continue reading Google Offers Bug Bounties for Generative AI Security Vulnerabilities→

Top 10 open-source security and operational risks of 2023

Posted on March 3, 2023 by Franklin Okeke

Many software companies rely on open-source code but lack consistency in how they measure and handle risks and vulnerabilities associated with open-source software, according to a new report.
The post Top 10 open-source security and operational risks o… Continue reading Top 10 open-source security and operational risks of 2023→

What is Microsoft’s Secure Supply Chain Consumption Framework, and why should I use it?

Posted on December 21, 2022 by Simon Bisson

Microsoft has open sourced its framework for managing open source in software development.
The post What is Microsoft’s Secure Supply Chain Consumption Framework, and why should I use it? appeared first on TechRepublic.
Continue reading What is Microsoft’s Secure Supply Chain Consumption Framework, and why should I use it?→

Announcing Synopsys as an OpenChain Project third-party certifier

Posted on June 4, 2021 by Jacob Wilson

Synopsys can measure the maturity of security activities within an open source management framework in compliance with the OpenChain standard and ISO/IEC 5230:2020.
The post Announcing Synopsys as an OpenChain Project third-party certifier appeared f… Continue reading Announcing Synopsys as an OpenChain Project third-party certifier→

What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report

Posted on May 17, 2021 by Fred Bals

As the use of open source has grown, so has the number of vulnerabilities. Uncover the latest findings from the 2021 OSSRA report.
The post What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report appeared first on Software Integrity Bl… Continue reading What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report→

Open source license compliance and dependencies: Peeling back the licensing layers

Posted on May 11, 2021 by Matt Jacobs

How can you successfully navigate open source license compliance? Start with the right tools to identify your dependences and calculate their risks.
The post Open source license compliance and dependencies: Peeling back the licensing layers appeared … Continue reading Open source license compliance and dependencies: Peeling back the licensing layers→

AppSec Decoded: Why organizations can’t ignore open source security

Posted on April 22, 2021 by Synopsys Editorial Team

In this AppSec Decoded interview, we discuss the security and legal risks companies face when open source security vulnerabilities are ignored.
The post AppSec Decoded: Why organizations can’t ignore open source security appeared first on Software In… Continue reading AppSec Decoded: Why organizations can’t ignore open source security→

Assessing the state of mobile application security through the lens of COVID-19

Posted on April 20, 2021 by Synopsys Editorial Team

Are today’s mobile apps secure or do they offer opportunities for attackers? Learn about the state of mobile application security in our new report.
The post Assessing the state of mobile application security through the lens of COVID-19 appeared fir… Continue reading Assessing the state of mobile application security through the lens of COVID-19→