OSS
Has the Altruism Model of Open Source Security Peaked?
With an executive order, the Biden administration attempted to address concerns around open source software’s security. In Section 4 of Executive Order 14028, Improving the Nation’s Cybersecurity, open source and the software ...
Top 10 Open Source Software Risks of 2023
Software supply chain issues continue to be a concerning subject of late. Open source software (OSS) has many benefits, yet relying on many open source dependencies could cause security woes if it ...
Open source brings security risk, but SCA & RASP can help
For a deep dive on the security risks of OSS, listen to Contract CPO Steve Wilson’s conversation with Secure Talk. How secure is your online banking app? Don’t know? Join the club. ...
Three Reasons Why Contrast SCA Is Best Suited for Log4Shell Rapid Response
With Log4j being such a ubiquitous library embedded in tens of millions applications across the Java ecosystem, it’s fairly obvious to understand why the Log4Shell CVE is being treated as a DEFCON ...
Google Shares Format for Open Source Vulnerability Data
Google, in collaboration with several open source communities, today unveiled a schema for describing vulnerabilities in open source software that will make it easier to for developers to track security issues that ...
Open Source: The Positives, the Risks and the Future
In a world that is constantly evaluating costs, it is little wonder that there is an increasing demand for cost-effective solutions to business problems. In the real world, this means ‘free,’ and ...
Contrast Security’s Approach to SCA Enables Vulnerability Prioritization and Faster Remediation
Open Source Is a Mainstay in Modern Development It goes without saying that modern applications are rarely built from scratch today. Open-source software (OSS) communities are well-organized and licensing is usually pretty ...
The Risks Associated with OSS and How to Mitigate Them
Open source has become nearly ubiquitous with Agile and DevOps. It offers development teams the ability to quickly and easily scale their software development life cycles (SDLC). At the same time, open-source ...
Application Vulnerabilities Spike, .NET Applications Appear in the Attack Crosshairs
COVID-19 transformed businesses overnight. Suddenly, more than half of the workforce found themselves working from home and most businesses could no longer meet with customers and prospects in person. Those with mature ...