Tag: log4j
In light Of The Log4j Incident, Google Supports Calls For Better...
In response to recent recommendations from the US government to take action against risks connected to the Log4j vulnerability, Google said it supports the...
New Google Team To Assist Critical Open Source Projects With Security
Google is increasing its already large investment in open source software security by forming a new team of developers committed to assisting the maintainers...
OpenSSF Says It Will Cost $147.9M To Secure Open Source Software
Multiple vulnerabilities in open source software have been exploited in recent years, putting enterprises of all kinds at risk. Vulnerabilities in software components such...
New Attack Surface Management Product Targets Software Supply Chain Threats
Because of high-profile attacks on firms like Solarwinds and Kaseya, as well as open source services like Log4j, software supply chains have become a...
Despite Security Issues, IT Experts Remain Optimistic About Open Source
Despite vulnerabilities like Log4j, enterprise use of open source has not slowed, but faults have emphasised the need for a better knowledge of dependencies....
The Log4j Issue: Do You Know What is in Your Software?
In December 2021, a vulnerability with a severity score of 10 out of 10 in a widely used logging library affected the security of...
Known Open Source Vulnerabilities Are Present In 81% Of Codebases
Synopsys has released a report that examines the findings of over 2,400 audits of commercial and proprietary codebases resulting from merger and acquisition transactions....
The Open Source Security Foundation Offers Free Security Training
The Open Source Security Foundation has released a free training course on designing secure software. Log4Shell, SolarWinds Compromise, and Heartbleed, to mention a few,...
White House Supports Software Industry To Improve Open Source Security
According to a White House official, big software businesses and developers are being asked to collaborate with them to improve the security of open...
Critical Log4j Vulnerability Still Being Downloaded 40% of the Time: Report
The Log4j open source component has been downloaded nearly five million times since a critical vulnerability was first discovered in it on December 10th....
