LimaCharlie announces sponsorship of the Intel Owl open source project
Following our recent announcement about supporting the open source community, LimaCharlie is excited to share that we have decided to sponsor the IntelOwl project.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
March 2022
WTF is Open Source
Are you looking to join an existing open source project, but don’t know where to start? Interested in finding out more about open source software in general? Looking to start a personal project but don’t know what to base it on? If the answer is yes, this event could be for you. We will be hosting a panel discussion with amazing leaders within the OS space. They will share everything from how they got involved, what they are working on at the moment as well as share any tips and tricks they learnt along the way.
Protestware is trending in open source: 4 different types and their impact
A few days ago, Snyk reported on a new type of threat vector in the open source community: protestware. The advisory was about a transitive vulnerability — peacenotwar — in node-ipc that impacted the supply chain of a great deal of developers. Snyk uses various intel threat feeds and algorithms to monitor chatter on potential threats to open source, and we believe this may just be the tip of a protestware iceberg.
Opensource from hell: malicious JavaScript distributed via opensource libraries, again
It’s open source, anyone can audit it, but is it safe? In this blog our CSO explores why distribution of malicious scripts via libraries is causing a stir amongst the open-source community and how you can defend against it.
Build a software bill of materials (SBOM) for open source supply chain security
More than ever, developers are building web applications on the foundations of open source software libraries. However, while those libraries make up the software bill of materials (SBOM) components inventory, not all developers and business stakeholders understand the significant impact on open source supply chain security that stems from including 3rd party libraries.
Synopsys contributes to the Linux Foundation Census II of the most widely used open source application libraries
Census II examines the most popular components of free and open source software and highlights the issues affecting the security of these libraries. Last week, the nonprofit Linux Foundation and Harvard’s Lab for Innovation Science published Census II of Free and Open Source Software—Application Libraries. This report identifies more than 1,000 of the most widely deployed open source application libraries.
LimaCharlie announces sponsorship of two open-source projects
At LimaCharlie, we are building a world where people and organizations can realize their full potential without compromising security along the way. We believe that it’s best to leave security in the hands of security professionals while enabling them with powerful tools to do what they can do best. For us, these are not just words. It’s a core belief that guides everything we do. Security is about people.
Snyk Customer Story - Atlassian
Atlassian's Will Ratner, product security engineer, and Sharada Moorthy, security software development engineer, explain why they chose Snyk to scale scanning of containers and open source dependencies for vulnerabilities at Atlassian.