security vulnerabilities

See the following -

18F Wants to Change the Rules, Not Break Them, Leader Says

Frank Konkel | Nextgov | February 22, 2017

The tech group 18F took some heat Tuesday when a General Administration Services inspector general audit found it skirting compliance rules and security procedures, but the department’s leader says the Obama-era tech unit is still committed to hacking bureaucracy. “Our job is transforming technology in government, and our job is to push against policies and regulations that are in the way of government being effective and delivering good services,” Technology Transformation Service Commissioner Rob Cook told Nextgov Wednesday...

Read More »

Protecode Announces Joint Open Source Software Competition with NHS

Press Release | Protecode | August 5, 2015

Protecode, an innovative provider of open source license management systems, today announced a collaboration with the British National Health Service (NHS) and Source Code Control Limited to launch the Code4Health competition, aimed at identifying quality software projects within the NHS's Code4Health Custodian model. The competition on managing compliance and vulnerabilities in open source software (OSS) is intended to highlight governance and security weaknesses that should be avoided by Code4Health collaborators as they develop and contribute their software to the community.

Read More »

Recession Spurring Increased Adoption Of Open Source Software According To Latest Yearly Survey By Tidelift

Press Release | TideLift | October 7, 2020

Use of open source software is expected to increase during the pandemic as businesses look to save time and money, while increasing efficiency, according to the third annual Managed open source survey released today by Tidelift, the largest provider of commercial support and maintenance for the community-led open source behind modern applications. More than 600 technologists shared how they use open source software today, what holds them back, and what tools and strategies would help them use it even more effectively.

Read More »

Tidelift Introduces a Comprehensive Way for Organizations to Ensure the Health of their Open Source Supply Chain

Press Release | Tidelift | February 2, 2021

Tidelift, the premier provider of solutions for managing the open source software behind modern applications, today announced the general availability of Tidelift catalogs, an innovative way to ensure organizations can consistently manage the health and security of their open source software supply chain. "As software supply chain security makes front page news in 2021, it is more important than ever that application development teams employ a comprehensive approach to managing the open source components that make up their applications," said Donald Fischer, CEO and co-founder, Tidelift. "With the addition of catalogs to the Tidelift Subscription, organizations can be confident that they are using open source safely without slowing down development."

Read More »

US Department Of Defense Publishes New Guidelines For The Internal Use Of Open Source For Cyber Defense Purposes

On January 24, 2022, John Sherman, the Chief Information Officer (CIO) of the US Department of Defense (DoD) released internally (and published two days later) a Memorandum for the Senior Pentagon Leadership, the Commandant of the Coast Guard, the Commanders of the Combatant Commands, the Defense Agency and the DoD Field Activity Directors. Particularly, it provides the Department of Defense with new guidelines on software development and open source software, addressing the opportunities and challenges that open source can represent for the public sector, and how the latter should interact in this regard.

Why Implanted Medical Devices Should Have Open Source Code

As medical implants become more common, sophisticated and versatile, understanding the code that runs them is vital. A pacemaker or insulin-releasing implant can be lifesaving, but they are also vulnerable not just to malicious attacks, but also to faulty code. For commercial reasons, companies have been reluctant to open up their code to researchers. But with lives at stake, we need to be allowed to take a peek under the hood. Over the past few years several researchers have revealed lethal vulnerabilities in the code that runs some medical implants. 

Read More »

What are the Latest IoT threats to Network Security

Event Details
Type: 
Seminar/Webinar
Date: 
July 23, 2020 - 1:00pm - 2:00pm

Using research from the Bastille Threat Research team as well as analysis of data from the National Vulnerability Database, Dr. Bob Baxley will examine recently disclosed vulnerabilities in protocols used by IoT devices which hackers can use to bypass your security, gain access to your systems, and exfiltrate data and voice information.

Read More »