Security News
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. Depscan utilizes cdxgen to produce Software Bill-of-Materials, which allows us to support many different languages and source code configurations.
Developing an effective strategy is a continuous process which requires recurring evaluation and refinement. A cyber defense strategy outlines policies, procedures, and technologies...
BLint is a Binary Linter designed to evaluate your executables' security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials for compatible binaries.
The OpenSSF community has developed open-source security tools and projects, aiming to make security the default and promote a collaborative effort to strengthen the security posture of open-source ecosystems. OpenSSF is working to combat that challenge by establishing a security baseline for open-source projects and aims to propagate it across the Linux Foundation.
In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch management has been the coupling between security patches and other code changes.
Pktstat is an open-source tool that is a straightforward alternative to ncurses-based Pktstat. On Linux, it utilizes AF_PACKET, while on other platforms, it employs generic PCAP live wire capture.
ReNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. ReNgine was developed to overcome the constraints of conventional reconnaissance tools.
Tracecat is an open-source automation platform for security teams. The developers believe security automation should be accessible to everyone, especially understaffed small- to mid-sized teams.
Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application's system prompt against dynamic LLM-based threats.