Open Source

Open Source | News, how-tos, features, reviews, and videos

man typing on laptop search internet web browswer
A 'GitHub social coding' mug sits in a desktop workspace.

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock

21 best free security tools

Check out these free, standout software tools that will make your daily security work easier, whether it's pen-testing, OSINT, vulnerability assessment, and more.

backdoor / abstract security circuits, locks and data blocks

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure.

Check mark certificate in a binary tunnel / standards / quality control / certification / certifi

New free software signing service aims to strengthen open-source ecosystem

The Linux Foundation's sigstore code-signing software, developed with Google, Red Hat and Purdue University, will help prevent attacks on the software supply chain.

Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.

Dependency confusion explained: Another risk when using open-source repositories

Dependency confusion is a newly discovered logic flaw in the default way software development tools pull third-party packages from public and private repositories. Here's what you need to know.

open source box open box out of the box empty

Using open source for identity projects: 8 considerations

Consider these eight points to decide whether you can securely use open-source code in your identity management projects.

open box / abstract code / open-source code

4 best practices to avoid vulnerabilities in open-source code

Open-source code in public repositories might contain malware or unintentional vulnerabilities. Here's how to best manage finding and mitigating potential problems.

CSO > breakthrough / penetration testing / sledgehammer breaking through a binary wall

Release the monkey! How Infection Monkey tests network security

This free, open source penetration testing tool uses real attacks and real techniques to try and exploit its way into a network.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

information security 2

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Red team versus blue team: How to run an effective simulation

Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.

How to survive (and thrive) in the CISO hot seat

The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.

Special report: platforms play big in the cloud

This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.

Research report: IT security's looming tipping point

Even as security draws board-level attention, many IT professionals give their organizations’ infosec practices low marks. This special report from CIO, CSO and Computerworld reveals how to tip the balance in the right direction.

The CSO identity management survival guide

This guide will help you communicate through the challenges of identity management, learn from success stories and discover the most valuable features of today's identity management tools.

Load More
You Might Also Like