Secure software development education report from the Linux Foundation
Wednesday, August 7, 2024 by Richard Harris
Linux Foundation Research and the Open Source Security Foundation (OpenSSF) are pleased to release a new report titled "Secure Software Development Education 2024 Survey: Understanding Current Needs." Based on a survey of nearly 400 software development professionals, the analysis explores the current state of secure software development. It underscores&n...
Multi platform apps are becoming more popular
Tuesday, June 18, 2024 by Brittany Hainzinger
Candy Crush Saga is one of the world’s most popular video games, with more than 5 billion downloads. That’s partly because gamers can play it anywhere. It offers versions for multiple platforms, including Android, iOS, and Windows: a practice known as multihoming.
Smaller developers, however, often decide not to pursue multiple platforms because it&r...
Social engineering takeover attacks are on the rise
Thursday, April 18, 2024 by Brittany Hainzinger
OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident.
The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...
ONCD asks software manufacturers to adopt memory safe languages
Tuesday, March 5, 2024 by Richard Harris
The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain.
"For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...
Truck driver training app helps prevent food supply shortage
Tuesday, April 28, 2020 by Brittany Hainzinger
While the U.S. is still producing plenty of food and other goods, the process of delivering such supplies to consumers has been heavily affected by the coronavirus crisis. Experts warn that labor problems (particularly with the growing shortage of truck drivers) could pose a serious threat to the food supply chain. "We need to train more drivers as quickly as possi...
Diffusion Cloud now free from Push Technology
Tuesday, March 31, 2020 by Brittany Hainzinger
Push Technology announced that it will provide Diffusion Cloud, Push Technology’s Real-Time API Management Cloud Platform, free for all existing customers and new customers developing systems in the cloud during these challenging times. The unprecedented offer is truly free as it includes: no restrictions on message or connection volume; free onboarding and operat...
Linux and LISH release census for open source security
Wednesday, February 19, 2020 by Brittany Hainzinger
The Linux Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH), announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software.
This Census II analysis and report represent important steps towards understanding and addressing structural and s...
How Pycom wants to help IoT developers
Tuesday, December 4, 2018 by Richard Harris
Although IoT development is increasingly on the rise, challenges still exist in the development and manufacturing process that prevents a streamlined workflow for developers.
In this interview, Fred de Haro, CEO, and co-founder at Pycom discusses the company’s new consumer-focused developer offering, and shares insight into the current challenges developers are...
Universal ERC20 to ERC20 bridge releases by POA Network
Monday, December 3, 2018 by Christian Hargrave
POA Network has released a universal open-source ERC20 to ERC20 bridge. TokenBridge, the simple two-way bridge for ERC20 tokens, enables any project in the Ethereum ecosystem to seamlessly interact with any other project by exchanging ERC20 tokens within a single wallet.
Igor Barinov, POA Network Tech Lead, said: “One of POA Network’s goals is to build th...
IAST supports AppSec efficiencies while cutting costs and headaches
Monday, November 26, 2018 by Asma Zubair
It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....
Alibaba Computing Conference 2018 yields partnership with MariaDB
Friday, September 21, 2018 by Richard Harris
Alibaba Cloud and MariaDB Corporation have announced the general availability of ApsaraDB Relational Database Service (RDS) for MariaDB TX at The Computing Conference 2018 hosted by Alibaba.
With this partnership, the two companies will now offer enterprises direct support for MariaDB database deployments in the Alibaba Cloud and provide access to MariaDB’s mos...
Tidelift surpasses $1M to pay open source software maintainers
Friday, September 21, 2018 by Christian Hargrave
Tidelift announced that it has surpassed one million dollars committed via its platform to pay open source software maintainers to provide professional assurances for their projects, as momentum behind this new approach to professional open source continues to build. Over 100 packages are already on the Tidelift platform, with maintainers getting paid to provide support...
Former Cisco GM joins Voxbone CaaS
Tuesday, September 11, 2018 by Christian Hargrave
Voxbone's mission has been bolstered by the addition of a new board member, Dr. Jens Meggers. Voxbone powers many enterprise cloud communications platforms with on-demand voice and messaging services via API. Meggers’ experience will be indispensable as Voxbone pushes further into the complex realm of enterprise infrastructures.
As former senior vice ...
Free mobile maps and traffic tiles for developers from new TomTom SDK
Thursday, September 6, 2018 by Richard Harris
When Google Maps increased the prices developers have to pay for the privlage of using them, many a developer went scurrying to find alternatives because even though there is a bit of "credit" they apply to your account, charges climb very quickly.
But at TechCrunch Disrupt SF, TomTom has announced that it will offer free maps and traffic tiles on its ...
State of DevOps in 2018
Thursday, August 30, 2018 by Richard Harris
DevOps Research and Assessment announced it has launched their latest report “Accelerate: State of DevOps 2018: Strategies for a New Economy” in collaboration with Google Cloud. Nearly 1,900 technical professionals worldwide participated in this year’s study, contributing to research findings that drive excellence in the industry and allow organization...
Merged mining partnership between Bitmain and Elastos
Tuesday, August 28, 2018 by Christian Hargrave
Elastos (ELA) announced a merged mining partnership with Bitmain Technologies. The merged mining partnership means that for miners and future users of the smart web platform, it guarantees the security of the Bitcoin network by sharing its hashpower. Merged mining allows Bitcoin (BTC) and the ELA coin to be mined simultaneously and more efficiently, and conserves energy...
Open Source ABL code release with Spark Toolkit
Tuesday, August 21, 2018 by Christian Hargrave
Progress has announced the release of Progress Spark Toolkit, a set of open source Advanced Business Language (ABL) code and recommended best-practices to enable organizations to evolve existing applications and extend their capabilities to meet market demands.
“It has also enabled us to contribute to, and impact, the efforts of other Progress customers and par...
Using GitHub in the classroom helps developers feel more included
Friday, August 17, 2018 by Richard Harris
A GitHub survey conducted with a combined 8,000 college professors and students has concluded in order to weigh in on whether experience-based or traditional computer science teaching methods proves to work best. In the study, Github measured the predicted learning outcomes from classes that utilized GitHub in their learning experience and those that did not.
GitHub ...
Open Source security comes to GitHub
Thursday, August 16, 2018 by Richard Harris
Sonatype announced Sonatype DepShield, a new GitHub application that enables developers to experience basic open source security governance, free of charge. Powered by Sonatype’s OSS Index, DepShield integrates directly into GitHub repositories and allows developers to easily identify and avoid using open source components with known vulnerabilities.
“The...
Flexera issues warning about Cyberattacks
Tuesday, October 24, 2017 by Christian Hargrave
As 143 million Equifax consumers continue to pick up the pieces from stolen Social Security numbers, birth dates, drivers’ licenses, addresses and credit card numbers, Flexera has another warning - expect a long tail of incidents and breaches in the months and years to come.Flexera surveyed over 400 software suppliers, Internet of Things (IoT) manufacturers and in-house...
WhiteSource Bolt detects vulnerable open source components
Thursday, March 30, 2017 by Richard Harris
WhiteSource, a continuous open source security and compliance management company, has announced the launch of a new open source management tool integrated within the Microsoft Visual Studio Team Services (VSTS) and Team Foundation Server (TFS) platforms - the WhiteSource Bolt (Bolt).Bolt is fully immersed within the VSTS and TFS products, so users can detect vulnerable ...
Dashlane and Google Partner up to Bring Us Better Login Security
Thursday, August 4, 2016 by Richard Harris
Google is officially putting their stamp of approval on password managers. Millions of people use password managers, like Dashlane, as they are the best way to secure account login/authentication. Dashlane and Google just announced that they are establishing a new open-source API that will enhance user security. Google is looking to innovate beyond curren...