Open Source information, news, and how-to advice

InfoSec at Your ServiceBy Michelle Drolet

5 open source intrusion detection tools that are too good to ignore

Everyone should employ an intrusion detection system (IDS) to monitor their network and flag any suspicious activity or automatically shut down potentially malicious traffic. We look at five of the best open source options.

video

Craig McLuckie and Joe Beda, creators of Kubernetes | True Technologist Ep 4

In this episode of True Technologist, the inventors of the open source project Kubernetes, Craig McLuckie and Joe Beda, talk about the technology's benefits in the enterprise

video

Matei Zaharia, creator of the Apache Spark project, on the big data framework | True Technologist Ep 2

In this episode of True Technologist, host Eric Knorr talks with Matei Zaharia, chief technologist at Databricks and an assistant professor of computer science at Stanford, about the Apache Spark and Apache Mesos projects

video

JavaScript creator Brendan Eich, on the genesis of the popular programming language | True Technologist Ep 1

In this episode of True Technologist, Brendan Eich, creator of the JavaScript language and cofounder of Mozilla, describes the hectic and challenging early days of bringing JavaScript to market, as well as his new company, Brave...

Privacy and Security FanaticBy Ms. Smith

Do you fully trust Microsoft with GitHub?

With Microsoft acquiring GitHub, users have to decide if they will leave their repositories on GitHub or move backup copies to GitLab.

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock

Feature

24 best free security tools

Check out these 24 free, standout software tools that will make your daily security work easier.

Secure from the StartBy Chris Wysopal
IDG Contributor Network

The good, the bad & the ugly of using open source code components

Component use in development is here to stay. But so are the vulnerabilities lurking in these code snippets. What do developers think about this? Are they concerned, are they frustrated? What’s their take on this problem? We recently...

video

What is Kubernetes?

In this 90-second video, learn about Kubernetes, the open-source system for automating containerized applications, from one of the technology's inventors, Joe Beda, founder and CTO at Heptio.

Feature

Open source software security challenges persist

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

video

Managing open-source mobile security and privacy for activists worldwide | Salted Hash Ep 18

Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the...

News Analysis

Are the BSDs dying? Some security researchers think so

To few eyeballs on code is a security issue. Can FreeBSD, OpenBSD, and NetBSD survive?

open source alternatives routing firewall 1

Open Source SecurityBy Guy Podjarny
IDG Contributor Network

What do open source maintainers know about security?

Open source consumers and maintainers were asked about their security expertise.

Open Source SecurityBy Guy Podjarny
IDG Contributor Network

Don't build security tools, build developer tools instead

Stop building security tools that think about dev, and start building dev tools that handle security.

video

The Rust language: Developing safer software

Get up to speed quickly on newcomer Rust, designed to create fast, system-level software. This two-minute animated explainer shows how Rust bypasses the vexing programming issues of memory and management.

Secure from the StartBy Chris Wysopal
IDG Contributor Network

Is 'secure open source component use' an oxymoron?

Component use in development isn’t going away, and neither is its accompanying risk.

Internet of things smart city with icons

What’s Next for Enterprise Security?By Jacek Materna
IDG Contributor Network

Security starts at source code — in the cloud

Enterprises are overwhelmed, spending more every year and still losing. Something is missing. By ignoring the root cause of the issue, vendors are simply stacking more and more software on top the same post-deployment problem.

Analysis

What is the Heartbleed bug, how does it work and how was it fixed?

The mistake that caused the Heartbleed vulnerability can be traced to a single line of code in OpenSSL, an open source code library. Here's how Heartbleed works and how to fix it if you have an unpatched server.

News Analysis

Open Source

Open Source | News, how-tos, features, reviews, and videos

5 open source intrusion detection tools that are too good to ignore

Everyone should employ an intrusion detection system (IDS) to monitor their network and flag any suspicious activity or automatically shut down potentially malicious traffic. We look at five of the best open source options.

Craig McLuckie and Joe Beda, creators of Kubernetes | True Technologist Ep 4

In this episode of True Technologist, the inventors of the open source project Kubernetes, Craig McLuckie and Joe Beda, talk about the technology's benefits in the enterprise

Matei Zaharia, creator of the Apache Spark project, on the big data framework | True Technologist Ep 2

In this episode of True Technologist, host Eric Knorr talks with Matei Zaharia, chief technologist at Databricks and an assistant professor of computer science at Stanford, about the Apache Spark and Apache Mesos projects

JavaScript creator Brendan Eich, on the genesis of the popular programming language | True Technologist Ep 1

In this episode of True Technologist, Brendan Eich, creator of the JavaScript language and cofounder of Mozilla, describes the hectic and challenging early days of bringing JavaScript to market, as well as his new company, Brave...

Do you fully trust Microsoft with GitHub?

With Microsoft acquiring GitHub, users have to decide if they will leave their repositories on GitHub or move backup copies to GitLab.

24 best free security tools

Check out these 24 free, standout software tools that will make your daily security work easier.

The good, the bad & the ugly of using open source code components

Component use in development is here to stay. But so are the vulnerabilities lurking in these code snippets. What do developers think about this? Are they concerned, are they frustrated? What’s their take on this problem? We recently...

What is Kubernetes?

In this 90-second video, learn about Kubernetes, the open-source system for automating containerized applications, from one of the technology's inventors, Joe Beda, founder and CTO at Heptio.

Open source software security challenges persist

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

Managing open-source mobile security and privacy for activists worldwide | Salted Hash Ep 18

Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the...

Are the BSDs dying? Some security researchers think so

To few eyeballs on code is a security issue. Can FreeBSD, OpenBSD, and NetBSD survive?

What do open source maintainers know about security?

Open source consumers and maintainers were asked about their security expertise.

Don't build security tools, build developer tools instead

Stop building security tools that think about dev, and start building dev tools that handle security.

The Rust language: Developing safer software

Get up to speed quickly on newcomer Rust, designed to create fast, system-level software. This two-minute animated explainer shows how Rust bypasses the vexing programming issues of memory and management.

Is 'secure open source component use' an oxymoron?

Component use in development isn’t going away, and neither is its accompanying risk.

Security starts at source code — in the cloud

Enterprises are overwhelmed, spending more every year and still losing. Something is missing. By ignoring the root cause of the issue, vendors are simply stacking more and more software on top the same post-deployment problem.

What is the Heartbleed bug, how does it work and how was it fixed?

The mistake that caused the Heartbleed vulnerability can be traced to a single line of code in OpenSSL, an open source code library. Here's how Heartbleed works and how to fix it if you have an unpatched server.

Malicious code in the Node.js npm registry shakes open source trust model

Bad actors using typo-squatting place 39 malicious packages in npm that went undetected for two weeks. How should the open source community respond?