open source

40 open-source tools redefining how security teams secure the stack

Android, cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

40 open-source tools redefining how security teams secure the stack 2025-12-11 at 09:07 By Anamarija Pogorelec Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations […]

40 open-source tools redefining how security teams secure the stack Read More »

UTMStack: Open-source unified threat management platform

cybersecurity, Don't miss, GitHub, News, open source, software, Threat Intelligence /

UTMStack: Open-source unified threat management platform 2025-12-10 at 08:52 By Sinisa Markovic UTMStack is an open-source unified threat management platform that brings SIEM and XDR features into one system. The project focuses on real time correlation of log data, threat intelligence, and malware activity patterns gathered from different sources. The goal is to help organizations

UTMStack: Open-source unified threat management platform Read More »

The Bastion: Open-source access control for complex infrastructure

Don't miss, GitHub, News, open source, OVHcloud, software /

The Bastion: Open-source access control for complex infrastructure 2025-12-08 at 09:56 By Anamarija Pogorelec Operational teams know that access sprawl grows fast. Servers, virtual machines and network gear all need hands-on work and each new system adds more identities to manage. A bastion host tries to bring order to this problem. It acts as a

The Bastion: Open-source access control for complex infrastructure Read More »

Portmaster: Open-source application firewall

Don't miss, EU, firewall, GitHub, Hot stuff, News, open source, Privacy, software /

Portmaster: Open-source application firewall 2025-12-03 at 08:11 By Anamarija Pogorelec Portmaster is a free and open source application firewall built to monitor and control network activity on Windows and Linux. The project is developed in the EU and is designed to give users stronger privacy without asking them to manage every rule by hand. A

Portmaster: Open-source application firewall Read More »

Hottest cybersecurity open-source tools of the month: November 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: November 2025 2025-11-27 at 09:00 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Heisenberg: Open-source software supply chain health check tool Heisenberg is an open-source tool that checks the health of a software supply chain.

Hottest cybersecurity open-source tools of the month: November 2025 Read More »

DeepTeam: Open-source LLM red teaming framework

Don't miss, framework, GitHub, LLMs, News, open source, prompt injection, red team, software /

DeepTeam: Open-source LLM red teaming framework 2025-11-26 at 07:37 By Sinisa Markovic Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an open-source framework built to probe these systems before they reach users, and it takes

DeepTeam: Open-source LLM red teaming framework Read More »

cnspec: Open-source, cloud-native security and policy project

automation, cloud security, DevSecOps, Don't miss, GitHub, News, open source, software /

cnspec: Open-source, cloud-native security and policy project 2025-11-24 at 08:32 By Sinisa Markovic cnspec is an open source tool that helps when you are trying to keep a sprawling setup of clouds, containers, APIs and endpoints under control. It checks security and compliance across all of it, which makes it easier to see what needs

cnspec: Open-source, cloud-native security and policy project Read More »

What happens when vulnerability scores fall apart?

CVE, cybersecurity, News, open source, report, risk, software development, Sonatype, vulnerability disclosure /

What happens when vulnerability scores fall apart? 2025-11-24 at 07:54 By Anamarija Pogorelec Security leaders depend on vulnerability data to guide decisions, but the system supplying that data is struggling. An analysis from Sonatype shows that core vulnerability indexes no longer deliver the consistency or speed needed for the current software environment. A system that

What happens when vulnerability scores fall apart? Read More »

Metis: Open-source, AI-driven tool for deep security code review

Arm, Artificial Intelligence, code analysis, code review, Don't miss, GitHub, LLMs, News, open source, software /

Metis: Open-source, AI-driven tool for deep security code review 2025-11-19 at 08:06 By Anamarija Pogorelec Metis is an open source tool that uses AI to help engineers run deep security reviews on code. Arm’s product security team built Metis to spot subtle flaws that are often buried in large or aging codebases where traditional tools

Metis: Open-source, AI-driven tool for deep security code review Read More »

Strix: Open-source AI agents for penetration testing

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Strix: Open-source AI agents for penetration testing 2025-11-17 at 16:32 By Sinisa Markovic Security teams know that application flaws tend to show up at the worst time. Strix presents itself as an open source way to catch them earlier by using autonomous agents that behave like human attackers. These agents run code, explore an application,

Strix: Open-source AI agents for penetration testing Read More »

Sprout: Open-source bootloader built for speed and security

Edera, GitHub, Linux, News, open source /

Sprout: Open-source bootloader built for speed and security 2025-11-13 at 08:26 By Sinisa Markovic Sprout is an open-source bootloader that delivers sub-second boot times and uses a clean, data-driven configuration format that works across operating systems. “We built Sprout because we were frustrated by how fragile and slow traditional bootloaders are,” said Alex Zenla, CTO

Sprout: Open-source bootloader built for speed and security Read More »

ProxyBridge: Open-source proxy routing for Windows applications

Don't miss, GitHub, News, open source, Proxy, software, Windows /

ProxyBridge: Open-source proxy routing for Windows applications 2025-11-12 at 10:44 By Sinisa Markovic ProxyBridge is a lightweight, open-source tool that lets Windows users route network traffic from specific applications through SOCKS5 or HTTP proxies. It can redirect both TCP and UDP traffic and gives users the option to route, block, or allow connections on a

ProxyBridge: Open-source proxy routing for Windows applications Read More »

GNU Coreutils 9.9 brings fixes and updates across essential tools

Linux, News, open source, software /

GNU Coreutils 9.9 brings fixes and updates across essential tools 2025-11-11 at 16:59 By Anamarija Pogorelec GNU Coreutils is the backbone of many enterprise Linux environments. It provides the basic file, shell, and text utilities that every GNU-based system depends on. The latest release, version 9.9, refines these tools with fixes and performance improvements. Several

GNU Coreutils 9.9 brings fixes and updates across essential tools Read More »

sqlmap: Open-source SQL injection and database takeover tool

Don't miss, GitHub, News, open source, penetration testing, scanner, scanning, software /

sqlmap: Open-source SQL injection and database takeover tool 2025-11-10 at 11:28 By Sinisa Markovic Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws and

sqlmap: Open-source SQL injection and database takeover tool Read More »

OpenGuardrails: A new open-source model aims to make AI safer for real-world use

Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, GitHub, Hexnode, Hot stuff, InfluxData, LLMs, News, open source, system hardening /

OpenGuardrails: A new open-source model aims to make AI safer for real-world use 2025-11-06 at 10:28 By Mirko Zorz When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful

OpenGuardrails: A new open-source model aims to make AI safer for real-world use Read More »

PortGPT: How researchers taught an AI to backport security patches automatically

Artificial Intelligence, automation, Canonical, CISO, cybersecurity, DevSecOps, Don't miss, Features, Git, Hot stuff, Linux, LLMs, News, open source, patching, research, strategy, tips /

PortGPT: How researchers taught an AI to backport security patches automatically 2025-11-05 at 09:07 By Mirko Zorz Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that

PortGPT: How researchers taught an AI to backport security patches automatically Read More »

VulnRisk: Open-source vulnerability risk assessment platform

Don't miss, GitHub, News, open source, risk assessment, software, vulnerability management /

VulnRisk: Open-source vulnerability risk assessment platform 2025-11-05 at 09:07 By Anamarija Pogorelec VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights what matters. The tool is free to use and designed for local development and testing. The platform’s scoring engine

VulnRisk: Open-source vulnerability risk assessment platform Read More »

Financial services can’t shake security debt

Application Security, cybersecurity, financial industry, News, open source, remediation, report, Veracode /

Financial services can’t shake security debt 2025-11-04 at 07:30 By Anamarija Pogorelec In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report. Researchers analyzed data

Financial services can’t shake security debt Read More »

Heisenberg: Open-source software supply chain health check tool

AppOmni, Don't miss, GitHub, News, open source, software, supply chain /

Heisenberg: Open-source software supply chain health check tool 2025-11-03 at 08:30 By Mirko Zorz Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and generate reports for individual dependencies

Heisenberg: Open-source software supply chain health check tool Read More »

Shadow AI: New ideas emerge to tackle an old problem in new form

1Password, Artificial Intelligence, Don't miss, Eye Security, Hot stuff, LLMs, News, open source, prompt injection, shadow IT, survey /

Shadow AI: New ideas emerge to tackle an old problem in new form 2025-10-31 at 09:13 By Zeljka Zorz Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe,

Shadow AI: New ideas emerge to tackle an old problem in new form Read More »

Scroll to Top