There's a false sense of security around open source code, according to Trustwave researchers Brandon Myers and Assi Barak. Their deeper point was that open source code is prone to vulnerabilities ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...

Get the latest federal technology news delivered to your inbox. In a pivotal move to enhance cybersecurity earlier this year, the White House Office of the National Cyber Director, in partnership with ...

Earlier this year, a Microsoft developer realized that someone had inserted a backdoor into the code of open source utility XZ Utils, which is used in virtually all Linux operating systems. The ...

SAN FRANCISCO, Feb. 25, 2025 /PRNewswire/ — The Open Source Security Foundation (OpenSSF) is pleased to announce the initial release of the Open Source Project Security Baseline (OSPS Baseline). The ...

In the intricate landscape of software development, the question of whether open source software provides superior security compared to proprietary alternatives has sparked a longstanding debate. The ...

GitHub, Google, IBM, Red Hat, Microsoft, and VMware are just a few founding members of the Linux Foundation’s latest initiative that aims to smash open source software security bugs. OpenSSF’s ...

Government interest in open-source software security is on the rise and reflects the scale upon which this code is utilized across all sectors, including critical infrastructure. The widespread usage ...

Supply chain security startup Socket Inc. announced today that it has raised $40 million in new funding to fuel its mission to modernize security for open-source software and expand its team across ...