Funding/M&A Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion. Ryan NaraineJuly 25, 2024
Application Security US, Allies Warn of Memory Unsafety Risks in Open Source Software Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn. Ionut ArghireJune 27, 2024
Cloud Security New Open Source Tool Hunts for APT Activity in the Cloud The CloudGrappler open source tool can detect the presence of known threat actors in cloud environments. Ionut ArghireMarch 11, 2024
Application Security CISA Outlines Efforts to Secure Open Source Software Concluding a two-day OSS security summit, CISA details key actions to help improve open source security. Ionut ArghireMarch 8, 2024
ICS/OT Cisco Releases Open Source Backplane Traffic Visibility Tool for OT Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. Eduard KovacsMarch 6, 2024
Fraud & Identity Theft Linux Foundation Tackles Financial Fraud With Open Source Platform The open source platform Tazama provides cost-effective monitoring of digital financial transactions to prevent fraud in real time. Ionut ArghireMarch 4, 2024
Threat Intelligence From Open Source to Enterprise Ready: 4 Pillars to Meet Your Security Requirements Open source is a great way to test the waters and define requirements. But when looking at putting a platform into production, an enterprise-ready... Marc SolomonFebruary 26, 2024
Application Security Google Open Sources AI-Aided Fuzzing Framework Google has released its fuzzing framework in open source to boost the ability of developers and researchers to identify vulnerabilities. Ionut ArghireFebruary 5, 2024
Supply Chain Security New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security Two new products aim to secure the traditional OSS supply chain, and the new AI model software supply chain. Kevin TownsendJanuary 25, 2024
ICS/OT New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each... Eduard KovacsOctober 25, 2023
Vulnerabilities Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure Dozens of Squid caching proxy vulnerabilities remain unpatched two years after a researcher reported them to developers. Eduard KovacsOctober 13, 2023
Government US Government Releases Security Guidance for Open Source Software in OT, ICS CISA, FBI, NSA, and US Treasury published new guidance on improving the security of open source software in OT and ICS. Ionut ArghireOctober 11, 2023