Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.
The company behind one of the most important open source projects in the world is providing a new way to use its framework for IAM (identity and access management) this week.
The plan from the Linux Foundation and OpenSSF presents three goals to improve open-source software security during development and more effectively address vulnerabilities.
The Veracode CTO explains what set the Log4j vulnerabilities apart, how it raised awareness of issues around open source security, and where he sees progress.
At its annual Summit event, Red Hat is rolling out new edge-computing features for the company’s well-known enterprise Linux distribution, and security features for its Advanced Cluster Security for Kubernetes platform.
Catch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.
Researchers, academics, and enthusiasts can now contribute to and benefit from free, open-source security data on software supply chain vulnerabilities.
The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.
Participants in a White House meeting on securing open-source software expressed optimism for working effectively with government to help prevent Log4j-like events.