Security News

San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management solution, Panther. Advertised as "a powerful alternative to traditional SIEMs like Splunk," Panther is self-hosted and it uses Python to analyze logs from popular security tools, and also includes support for analyzing cloud resources with policies to help discover vulnerable infrastructure and establish security best practices.

AI, whose artificial intelligence software is purpose-built for engineers, scientists, and researchers and enables them to innovate and make discoveries faster, announced that it had completed contributions to TensorFlow, the world's most popular open-source framework for deep learning created by Google. "Part of Noble's mission is building AI that's accessible to engineers, scientists and researchers, anytime and anywhere, without needing to learn or re-skill into computer science or AI theory," said Dr. Matthew C. Levy, Founder and CEO of Noble.

The leader in purpose-built and performance-optimized data center appliances, announced the availability of the HyperSwitch, its next-generation top-of-rack switch built to maximize the performance and flexibility of SONiC, an open source network operating system built by Microsoft for scale-out performance networking. HyperSwitch units add power and extensibility by including an AMD EPYC Embedded 3000 Processor that can be used flexibly by network operators for network security applications such as firewalls, or for dedicated storage managers, and virtually any other software desired for custom networking operations.

Open source bugs have skyrocketed in the last year, according to a report from open source licence management and security software vendor WhiteSource. The number of open source bugs sat steady at just over 4,000 in 2017 and 2018, the report said, having more than doubled the number of bugs from pre-2017 figures that had never before broken the 2,000 mark.

The number of disclosed open source software vulnerabilities in 2019 reached over 6000, up from just over 4,000 in 2018, a new WhiteSource report says. "This can be attributed to the rise in awareness to open source security following the widespread adoption of open source components and the massive growth of the open source community over the past few years, along with the media attention directed at recent data breaches," the company noted.

The number of vulnerabilities in open source projects surged almost 50 per cent in 2019, according to security biz WhiteSource, which can be seen as good news in the sense that you don't find what you're not looking for. "The problem with open source vulnerabilities is that, like everything in the open source community, once something is reported all the information is public and every beginner hacker can learn the vulnerability and it's exploitation and then execute it on a large number of applications."

The new platform enables major advances in managing software development, such as open source technologies that use innovative and customizable tools for analyzing and monitoring OSS software projects. Also the supplier of solutions for industry Softeam, which provides one of the most popular open source tools for model based software development; Unparallel Innovation and Castalia Solutions that specialize in guidance and services to industry for exploiting new technology innovations; along with two leading forge providers, Eclipse Foundation and OW2 Consortium, that host many popular open source projects used by industry.

The HPE Container Platform is the industry's first enterprise-grade container platform designed to support both cloud-native and non-cloud-native applications using 100 percent open source Kubernetes - running on bare-metal or virtual machines, in the data center, on any public cloud, or at the edge. The HPE Container Platform reduces cost and complexity by running containers on bare-metal, while providing the flexibility to deploy in VMs or cloud instances.

If your desktop of choice is Linux, you don't have to be without a 2FA tool, thanks to OTPClient.

According to Jim O'Gorman, Chief Content and Strategy officer at Offensive Security and leader of the Kali team, Kali users generally fall into two buckets: highly informed, experienced professionals/hobbyist and individuals that are new to Linux in general. "As a whole, I think it's fair to say that we build and design Kali for security professionals and hobbyists to utilize as a base platform for their work. These are individuals that could easily roll their own version of Linux for their needs, but if Kali is done right, it's a no-brainer to use it and save the work and effort that would go into building your own," he told Help Net Security.