software

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave

Don't miss, GitHub, Hot stuff, macOS, News, open source, software /

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave 2024-07-31 at 07:02 By Help Net Security Secretive is an open-source, user-friendly app designed to store and manage SSH keys within the Secure Enclave. Typically, SSH keys are stored on disk with appropriate permissions, which is usually sufficient. However, it’s not overly […]

React to this headline:

Loading spinner

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave Read More »

Review: Action1 – Simple and powerful patch management

Action1, cybersecurity, Don't miss, Hot stuff, MFA, News, patching, Review, Reviews, SaaS, software /

Review: Action1 – Simple and powerful patch management 2024-07-30 at 07:16 By Help Net Security Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open issue for many organizations. Patch management is not yet a commodity, and substantial improvements can

React to this headline:

Loading spinner

Review: Action1 – Simple and powerful patch management Read More »

Cirrus: Open-source Google Cloud forensic collection

cloud security, computer forensics, cybersecurity, digital forensics, Don't miss, GitHub, Hot stuff, News, open source, software, Sygnia /

Cirrus: Open-source Google Cloud forensic collection 2024-07-29 at 07:16 By Mirko Zorz Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving Google Workspace and GCP. The tool simplifies incident response activities and enhances an organization’s security posture. Key features

React to this headline:

Loading spinner

Cirrus: Open-source Google Cloud forensic collection Read More »

Learning from CrowdStrike’s quality assurance failures

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, security testing, software, update /

Learning from CrowdStrike’s quality assurance failures 2024-07-25 at 13:01 By Help Net Security CrowdStrike has released a preliminary Post Incident Review (PIR) of how the flawed Falcon Sensor update made its way to millions of Windows systems and pushed them into a “Blue Screen of Death” loop. The PIR is a bit confusing to read

React to this headline:

Loading spinner

Learning from CrowdStrike’s quality assurance failures Read More »

Infisical: Open-source secret management platform

Don't miss, GitHub, Hot stuff, News, open source, software /

Infisical: Open-source secret management platform 2024-07-24 at 07:01 By Help Net Security Infisical is an open-source secret management platform developers use to centralize application configurations and secrets, such as API keys and database credentials, while also managing their internal PKI. In addition to managing secrets with Infisical, you can scan your files, directories, and Git

React to this headline:

Loading spinner

Infisical: Open-source secret management platform Read More »

Confidential AI: Enabling secure processing of sensitive data

Artificial Intelligence, Compliance, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, Intel, News, opinion, software /

Confidential AI: Enabling secure processing of sensitive data 2024-07-23 at 06:01 By Mirko Zorz In this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel’s approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology

React to this headline:

Loading spinner

Confidential AI: Enabling secure processing of sensitive data Read More »

Shuffle Automation: Open-source security automation platform

automation, Don't miss, GitHub, Hot stuff, News, open source, security operations, software /

Shuffle Automation: Open-source security automation platform 2024-07-22 at 07:01 By Mirko Zorz Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process. It’s designed to integrate with Managed Security Service Providers (MSSPs) and other service providers. Key features Feature-rich workflow editor. App creator

React to this headline:

Loading spinner

Shuffle Automation: Open-source security automation platform Read More »

One-third of dev professionals unfamiliar with secure coding practices

code, News, OpenSSF, report, software, software development, survey, The Linux Foundation, training /

One-third of dev professionals unfamiliar with secure coding practices 2024-07-19 at 07:01 By Help Net Security Attackers consistently discover and exploit software vulnerabilities, highlighting the increasing importance of robust software security, according to OpenSSF and the Linux Foundation. Despite this, many developers lack the essential knowledge and skills to effectively implement secure software development. Lack

React to this headline:

Loading spinner

One-third of dev professionals unfamiliar with secure coding practices Read More »

Grype: Open-source vulnerability scanner for container images, filesystems

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software /

Grype: Open-source vulnerability scanner for container images, filesystems 2024-07-18 at 06:31 By Help Net Security Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software Bill of Materials (SBOM) tool. Find vulnerabilities for major operating system packages Alpine Amazon Linux BusyBox CentOS CBL-Mariner Debian Distroless

React to this headline:

Loading spinner

Grype: Open-source vulnerability scanner for container images, filesystems Read More »

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover 2024-07-17 at 07:01 By Mirko Zorz SubSnipe is an open-source, multi-threaded tool to help find subdomains vulnerable to takeover. It’s simpler, produces better output, and has more fingerprints than other subdomain takeover tools. “SubSnipe does some additional verification after the fingerprinting to find candidates more likely

React to this headline:

Loading spinner

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover Read More »

Realm: Open-source adversary emulation framework

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, red team, software /

Realm: Open-source adversary emulation framework 2024-07-15 at 07:32 By Mirko Zorz Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm is unique in its custom interpreter written in Rust. This allows us to write complex TTPs as code. With these actions as code,

React to this headline:

Loading spinner

Realm: Open-source adversary emulation framework Read More »

How AI-powered software spreads Russian disinformation on X

Artificial Intelligence, bot, disinformation, DOJ, Don't miss, Hot stuff, News, Russian Federation, software, Twitter /

How AI-powered software spreads Russian disinformation on X 2024-07-10 at 18:16 By Zeljka Zorz The US Justice Department (DoJ) has seized two US-based domains used by Russian threat actors to create fake profiles on X (formerly Twitter) that would spread disinformation in the United States and abroad. This bot farm was created and operated via

React to this headline:

Loading spinner

How AI-powered software spreads Russian disinformation on X Read More »

BunkerWeb: Open-source Web Application Firewall (WAF)

GitHub, News, open source, software /

BunkerWeb: Open-source Web Application Firewall (WAF) 2024-07-10 at 07:01 By Mirko Zorz BunkerWeb is an open-source Web Application Firewall (WAF) distributed under the AGPLv3 free license. The solution’s core code is entirely auditable by a third party and the community. “The genesis of BunkerWeb comes from the following problem: every time someone from my team

React to this headline:

Loading spinner

BunkerWeb: Open-source Web Application Firewall (WAF) Read More »

Monocle: Open-source LLM for binary analysis search

Don't miss, GitHub, Hot stuff, LLMs, machine learning, News, open source, software /

Monocle: Open-source LLM for binary analysis search 2024-07-08 at 06:31 By Help Net Security Monocle is open-source tooling backed by a large language model (LLM) for performing natural language searches against compiled target binaries. Monocle can be provided with a binary and search criteria (authentication code, vulnerable code, password strings, etc.), and it will decompile

React to this headline:

Loading spinner

Monocle: Open-source LLM for binary analysis search Read More »

Secator: Open-source pentesting Swiss army knife

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Secator: Open-source pentesting Swiss army knife 2024-07-03 at 07:01 By Help Net Security Secator is an open-source task and workflow runner tailored for security assessments. It facilitates the use of numerous security tools and aims to enhance the efficiency of pen testers and security researchers. Secator features Curated list of commands Unified input options Unified

React to this headline:

Loading spinner

Secator: Open-source pentesting Swiss army knife Read More »

Portainer: Open-source Docker and Kubernetes management

containers, Docker, GitHub, Kubernetes, News, open source, software /

Portainer: Open-source Docker and Kubernetes management 2024-07-01 at 07:32 By Mirko Zorz Portainer Community Edition is an open-source, lightweight service delivery platform for containerized applications. It enables the management of Docker, Swarm, Kubernetes, and ACI environments. It provides a smart GUI and a comprehensive API to manage your orchestrator resources, including containers, images, volumes, networks,

React to this headline:

Loading spinner

Portainer: Open-source Docker and Kubernetes management Read More »

Gitleaks: Open-source solution for detecting secrets in your code

Data leak, Don't miss, GitHub, Hot stuff, News, open source, software /

Gitleaks: Open-source solution for detecting secrets in your code 2024-06-27 at 07:37 By Mirko Zorz Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly

React to this headline:

Loading spinner

Gitleaks: Open-source solution for detecting secrets in your code Read More »

Developer errors lead to long-term exposure of sensitive data in Git repos

Aqua Security, cybersecurity, data, Don't miss, GitHub, News, open source, report, software, software development /

Developer errors lead to long-term exposure of sensitive data in Git repos 2024-06-26 at 15:01 By Help Net Security Credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years, according to Aqua Security’s latest research. By scanning the most popular 100 organizations on GitHub,

React to this headline:

Loading spinner

Developer errors lead to long-term exposure of sensitive data in Git repos Read More »

Zeek: Open-source network traffic analysis, security monitoring

cybersecurity, Don't miss, GitHub, Hot stuff, monitoring, network analysis, network monitoring, News, open source, software /

Zeek: Open-source network traffic analysis, security monitoring 2024-06-25 at 07:01 By Mirko Zorz Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret

React to this headline:

Loading spinner

Zeek: Open-source network traffic analysis, security monitoring Read More »

Cilium: Open-source eBPF-based networking, security, observability

cybersecurity, Don't miss, GitHub, Hot stuff, networking, News, open source, software /

Cilium: Open-source eBPF-based networking, security, observability 2024-06-21 at 07:01 By Help Net Security Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in

React to this headline:

Loading spinner

Cilium: Open-source eBPF-based networking, security, observability Read More »

Scroll to Top