Open Source

The State of Open Source Security Management RSA 2019

Apr 19, 2020 By Mend In Mend

It is no secret - open source has become the main building block in modern applications, and it is almost impossible to develop software at today's pace without it. However, as the open source community grows, and the number of reported vulnerabilities keeps climbing, manually verifying the security and compliance of open source components can no longer provide the necessary control over the security of these components.

View Video

Mend

Read more about The State of Open Source Security Management RSA 2019

Panel Open Source Security - Weighing the Pros and Cons

Apr 19, 2020 By Mend In Mend

Over the past few years, open source has grown in popularity especially among developers using open source code in their application development efforts. In the security space, however, open source hasn’t been as widely embraced, mostly because of concerns over vulnerabilities. But is open source software really less secure?

View Video

Mend

Read more about Panel Open Source Security - Weighing the Pros and Cons

Open Source Analysis Extends Your Visibility

Apr 16, 2020 By Julie Peterson In Mend

When we think of open source analysis, security is often the first thing that comes to mind. But open source analysis is so much more than just security. It gives you visibility into your codebase to help you understand and manage your open source components. In this blog, we’ll define open source analysis, look at why it’s important to your business, and describe the characteristics of an effective open source analysis framework.

Read Post

Mend

Read more about Open Source Analysis Extends Your Visibility

Security Audit Results for Our Open Source Products

Feb 25, 2020 By Russell Jones, Kevin Nisbet In Teleport

We now live in an era where the security of all layers of the software stack is immensely important, and simply open sourcing a code base is not enough to ensure that security vulnerabilities surface and are addressed. At Gravitational, we see it as a necessity to engage a third party that specializes in acting as an adversary, and provide an independent analysis of our sources.

Read Post

Teleport

Read more about Security Audit Results for Our Open Source Products

Open Source Organizational Culture

Feb 19, 2020 By Kafi Payne In Teleport

I am not an engineer. I’m a director of human resources. I don’t work in a technical space, but the concept of open source is fascinating to me as it applies to organizational culture. A company like Gravitational that has intentionally chosen open source as a foundation for our work makes not only a technical decision, but a cultural one. We’re finding that employees and candidates care deeply and appreciate our choice. Open source is a big deal for us.

Read Post

Teleport

Read more about Open Source Organizational Culture

Red Teaming for Blue Teamers: A Practical Approach Using Open Source Tools

Feb 18, 2020 By Travis Smith In Tripwire

For the majority of people in the information security world, the act of offensive hacking is something they are tasked with protecting against but have little ability to do themselves. That is like asking a professional boxer to enter the ring without knowing how to throw a punch. Sure, you may be able to get in and last a few rounds, but eventually, a formidable opponent will wear you down and knock you out.

Read Post

Tripwire

Read more about Red Teaming for Blue Teamers: A Practical Approach Using Open Source Tools

Code Sight IDE Plugin Combines SAST and SCA to Analyze Proprietary and Open Source Code | Synopsys

Feb 12, 2020 By Synopsys In Synopsys

Until now, single analysis tools have given developers only a partial view of security risks – providing either static analysis of proprietary code or software composition analysis of open source. This separation often leads to undetected vulnerabilities, decreased developer productivity, and longer release cycles.

View Video

Synopsys

Read more about Code Sight IDE Plugin Combines SAST and SCA to Analyze Proprietary and Open Source Code | Synopsys

Kondukto Open Source CLI

Dec 13, 2019 By Kondukto In Kondukto

View Video

Kondukto

Read more about Kondukto Open Source CLI

Things You Need to Know About Open Source - The FAQ Edition

May 19, 2019 By Lamar Bailey In Tripwire

Open Source projects can be a great asset, or they can be a curse – it’s all in how you manage it. To be successful in using open source, there are several things to keep in mind, from licensing to updates. And if you ignore any of them, it can cause problems. Here are some things to consider.

Read Post

Tripwire

Read more about Things You Need to Know About Open Source - The FAQ Edition

There's no such thing as 100% secure

Apr 26, 2019 By Joseph Poppy In Bulletproof

When Gronk the caveperson chipped out the first wheel from a slab of granite only to watch it roll away down a hill at some speed, he discovered we could build things to make our lives easier. We took this idea and ran with it, and now we have internet connected shoes. However, we also have cybercrime, data theft, phishing, scams, ransomware... the list goes on.

Read Post