Tags: security

Are Your Linux Servers Really Protected?

When thinking about IT security, one area that may not readily come to mind is the physical security of an enterprise’s servers. It’s often thought that because the servers are behind lock and key and/or in a data center, and because the data is in continuous use, encrypting the server drives isn’t...
Read 0 Comments

Key Differences in Security, Management for Serverless vs. Containers

Serverless functions and containers are two of the hottest topics in the IT world today. They’re also two technologies that share a lot in common — after all, both are ways to deploy code inside isolated, discrete environments. They are by no means identical technologies, but in the abstract, they...
Read 0 Comments

Linux Server Hardening Using Idempotency with Ansible: Part 1

I think it’s safe to say that the need to frequently update the packages on our machines has been firmly drilled into us. To ensure the use of latest features and also keep security bugs to a minimum, skilled engineers and even desktop users are well-versed in the need to update their software....
Read 0 Comments

Linux Security Summit Europe

      The Linux Security Summit (LSS) is a technical forum for collaboration between Linux developers, researchers, and end users with the primary aim of fostering community efforts in analyzing and solving Linux security challenges. LSS is where key Linux security community members and...
Read 0 Comments

lvfs.png

LVFS
LVFS is a secure website that allows hardware vendors to upload firmware updates. It’s used by all major Linux distributions to provide metadata for clients, such as fwupdmgr, GNOME Software and KDE Discover.

Linux Foundation Welcomes LVFS Project

The Linux Foundation welcomes the Linux Vendor Firmware Service (LVFS) as a new project. LVFS is a secure website that allows hardware vendors to upload firmware updates. It’s used by all major Linux distributions to provide metadata for clients, such as fwupdmgr, GNOME Software and KDE Discover....
Read 0 Comments

The Central Security Project: Vulnerability Reporting for Open Source Java

When a security researcher finds a security bug, what do they do? Unfortunately, the answer sometimes is they search for the appropriate people to notify and, when they can’t be found, end up posting the vulnerability to public email lists, the GitHub project, or even Twitter. This is the problem...
Read 0 Comments

red-team.jpg

Red Team
The Red Team Project uses the same tools, techniques, and procedures used by malicious actors, but in a constructive way to provide feedback and help make open source projects more secure.

New Red Team Project Aims to Help Secure Open Source Software

The Linux Foundation has launched the Red Team Project, which incubates open source cybersecurity tools to support cyber range automation, containerized pentesting utilities, binary risk quantification, and standards validation and advancement. The Red Team Project’s main goal is to make open...
Read 0 Comments

security-2688911_1920.jpg

BackBox
BackBox Linux makes penetration testing easy in various environments.

BackBox Linux for Penetration Testing

Any given task can succeed or fail depending upon the tools at hand. For security engineers in particular, building just the right toolkit can make life exponentially easier. Luckily, with open source, you have a wide range of applications and environments at your disposal, ranging from simple...
Read 0 Comments

Open Source Maintainers Want to Reduce Application Security Risk

According to Snyk’s “State of Open Source Security Report 2019,” which surveyed over 500 open source users and maintainers, 30 percent of developers that maintain open source (OS) projects are highly confident in their security knowledge, which is up from 17 percent the year before. In addition,...
Read 0 Comments

pgp-security.jpg

PGP
If you write code that goes into public source repositories, you can benefit from the practical PGP guidelines provided in this series.

Protecting Code Integrity with PGP — Part 1: Basic Concepts and Tools

Learn PGP basics and best practices in this series of tutorials from our archives.  In this article series, we take an in-depth look at using PGP to ensure the integrity of software. These articles will provide practical guidelines aimed at developers working on free software projects and will...
Read 0 Comments

Pages

Click Here!