Collaborate Disseminate
Inspect is the first AI safety testing platform created by a state-backed body to be made freely available to the global AI community. Continue reading U.K.’s AI Safety Institute Launches Open-Source Testing Platform
New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed versio… Continue reading Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
AI has captured widespread interest and offers numerous benefits. However, its rapid advancement and widespread adoption raise concerns, especially for those of us in cybersecurity. With so much interest, there are lots of insecure applications finding… Continue reading Is an open-source AI vulnerability next?
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, mak… Continue reading OWASP dep-scan: Open-source security and risk audit tool
BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries. BLint featu… Continue reading BLint: Open-source tool to check the security properties of your executables
In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security (OSS security) and opportunities for overcoming these challenges. The OpenSSF community has d… Continue reading Establishing a security baseline for open source projects
In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch management … Continue reading How AI affects vulnerability management in open-source software
Nmap is a free, open-source tool for network discovery and security auditing. It’s valued by systems and network administrators for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap identifies avai… Continue reading Nmap 7.95 released: New OS and service detection signatures
Cybersecurity is a relatively new challenge for many IoT device makers who have traditionally produced non-connected devices. These devices were less vulnerable to exploitation and, as a result, manufacturers often lack the expertise and experience nee… Continue reading Regulators are coming for IoT device security
Pktstat is an open-source tool that is a straightforward alternative to ncurses-based Pktstat. On Linux, it utilizes AF_PACKET, while on other platforms, it employs generic PCAP live wire capture. Pktstat is a versatile tool that doesn’t rely on … Continue reading Pktstat: Open-source ethernet interface traffic monitor