Canonical, the parent company of Ubuntu Linux, has reached its 20th anniversary. To honor this monumental birthday, we'll delve into Canonical's history and impact on the Linux ecosystem....
Canonical, the parent company of Ubuntu Linux, has reached its 20th anniversary. To honor this monumental birthday, we'll delve into Canonical's history and impact on the Linux ecosystem.
In the world of cloud-native computing, security is paramount. The recent announcement by the Cloud Native Computing Foundation (CNCF) about the graduation of Falco, a cloud-native security tool, brings it to the forefront. Falco, described as the de facto Kubernetes threat detection engine, has gained significant traction among notable organizations like Booz Allen Hamilton, GitLab, Shopify, and many more.
The Linux Foundation recently published a report titled Maintainer Perspectives on Open Source Software Security, which provides valuable insights into the perspectives, practices, and challenges faced by OSS maintainers and core contributors regarding open-source software security. The report highlights the importance of utilizing software composition analysis (SCA) and static application security testing (SAST) tools in evaluating the security of OSS packages.
The Linux Foundation's 2023 Open Source Generative AI Report delves into the advancements and implications of generative Artificial Intelligence (AI). As Linux admins, infosec professionals, and Internet security enthusiasts, it is crucial for us to understand the impact this technology has on our field. Let's critically analyze the insights from the report and explore the long-term consequences.
The Rust Foundation will be developing a training and certification program to ensure that developers who use the language can create secure software. The training will include both online and in-person options and will be available in many different languages.
It's no secret that Linux is the most popular operating system in the world. It's also no secret that it's a very secure OS, but many things can go wrong. It's hard to keep up with all the patches and vulnerabilities, especially when you must patch tens of thousands of servers without downtime. But Meta has a system for doing so!
KubeCon + CloudNativeCon provided valuable insights for security teams supporting cloud-native development, including securing GenAI, platform engineering and supply chains.
Cloud has become synonymous with enterprise IT, but let’s not get ahead of ourselves. Though enterprises now spend roughly $545 billion annually on cloud infrastructure, according to IDC, and 41% of that spend goes to the top five cloud providers, the reality is that a substantial amount of money, even “cloud” money, isn’t being spent with the big hyperscalers.
The annual Ubuntu Summit is where Linux and open-source software lovers gather to see what’s new. This year it will take place in the beautiful city of Riga, Latvia, November 3 to 5. And guess what? Microsoft, the big name we usually associate with paid software, joined the movement. This new partnership aims for greater collaboration between major technology companies and open-source communities.
Today at DockerCon, Docker has announced the General Availability of Docker Scout. With the integration of Sysdig Runtime Insights, Docker Scout helps developers prioritize risk. This will significantly improve software supply chain security. Let's find out why.
[BLACK HAT] Googlers have lately found not one but two more security vulnerabilities in Intel and AMD processors that can be exploited to steal sensitive data from a vulnerable computer's memory.
As part of the company's recent Summit 2023, Red Hat has announced multiple different products, updates and, most importantly, opened up about the company's thoughts and prospects moving forward.
This week alongside several other Linux Foundation events in Vancouver was the Linux Security Summit. Commanding a significant presence at the Linux Security Summit was Microsoft.
The Linux Foundation has just announced the full schedule for the Embedded Open Source Summit, which will take place on June 27-30, 2023 in Prague, Czech Republic, as well as virtually starting on June 26.
A federal judge has sided with four publishers who sued an online archive over its unauthorized scanning of millions of copyrighted works and offering them for free to the public. Judge John G. Koeltl of U.S. District Court in Manhattan ruled that the Internet Archive was producing “derivative” works that required permission of the copyright holder.
More critical flaws similar to Log4Shell found in open source are almost inevitable, but Open Source Security Foundation’s (OpenSSF’s) goal is to make those incidents rare and continually make the attackers’ job harder, a Linux Foundation executive noted.