Microsoft Releases the Source Code You Wanted Almost 30 Years Ago

In the late 1970s and early 1980s, if you had a personal computer there was a fair chance it either booted into some version of Microsoft Basic or you could load and run Basic. There were other versions, of course, especially for very small computers, but the gold standard for …read more

Continue reading Microsoft Releases the Source Code You Wanted Almost 30 Years Ago

How to prevent azure pipelines (yaml) from being used as an attack vector?

Let’s say the following scenario exists:

A git repository exists on Azure DevOps Repos.
The repository uses yaml pipelines (azure-pipelines.yml).
The repository has branch policies to ensure that changes go through pull requests.
The bui… Continue reading How to prevent azure pipelines (yaml) from being used as an attack vector?

Are there any c# .net free software composition analysis tools to check opensource component used and its vulnerabilities and license [closed]

I have situation where I have to anlyse the third party components\libraries used in the code within the license terms and no know vulnerabilities.

I know there are tool name blackduck and whitesource which can meet the expectation, but w… Continue reading Are there any c# .net free software composition analysis tools to check opensource component used and its vulnerabilities and license [closed]