AT&T is making its current Enhanced Control, Orchestration, Management and Policy platform available as open source. The company is working with the Linux Foundation on the structure of this open-source initiative. The ECOMP platform powers AT&T’s software-defined network. It gives businesses control over their network services, and developers the ability to create their own services. …
The founder of an open-source library discovery service launched a new project today that can continuously test open-source dependencies for potential vulnerabilities and other issues. The project is Dependency CI, an open-source tool that integrates directly into a GitHub workflow just like other CI systems. It runs a set of configurable tests on any dependency …
Microsoft has rolled out the beta release of TypeScript 2.0. Developers can get it after downloading TypeScript 2.0 Beta for Visual Studio 2015, which will require VS 2015 Update 3. This release includes new features like a workflow for getting TypeScript type definition files. Also, according to a blog post by Daniel Rosenwasser, program manager for …
Did you hear about the hacking attack carried out a few years ago on AT&T that resulted in exposing the contact details of more than 100,000 iPad users that were stored on their system? It was one of the high-profile attacks that targeted a “security misconfiguration” vulnerability in AT&T’s system architecture. That was not a …
Bug-finding software can determine if there are potential vulnerabilities in computer programs, but there is no way to figure out how many go unnoticed. Researchers at the New York University Tandon School of Engineering collaborated with the MIT Lincoln Laboratory and Northeastern University to take a new approach to this problem. The technique intentionally adds …
At GitHub, developers can now reorder issues and pull requests, and indicate priority by moving them higher or lower down their list. For developers, this is an easy way to indicate which milestones or labels in GitHub a teammate should focus on first. After a developer has grouped issues and pull requests within a milestone, they …
Today, H2O.ai announced the availability of Sparkling Water 2.0, an API for Apache Spark with new features and functionality. Sparkling Water now includes the ability to interface with Apache Spark, MLlib and Scala to give Spark users more visual capabilities. Sparkling Water 2.0 builds off of Sparkling Water, which was designed to give its users …
No matter how good your perimeter security is, experts agree: Your system has been breached, whether you know it or not. The costs of security flaws—cybersecurity expert Joe Franscella calls them “The Five Horsemen of the Internet Apocalypse: Scam, Extortion, Embarrassment, Theft and Death”—are enormous. So why don’t we consider security a first-class citizen in …
It has been one year since Google added Android Security to its vulnerability rewards program. Since then, the company has received more than 250 vulnerability reports, paid more than US$550,000 to 82 individuals, and paid 15 researchers $10,000 or more. The company is now updating its Android rewards program to entice even more security researchers …
As a way to help developers prevent disclosure of sensitive information or help them identify potentially dangerous commits, SourceClear has open-sourced Commit Watcher, a tool that finds both accidental credential leaks and security patches before they become an issue. Commit Watcher finds interesting or potentially hazardous commits in Git projects, according to its GitHub page. …
The Linux Foundation’s Core Infrastructure Initiative (CII) is continuing its commitment to help fund, support and improve open-source projects with a new investment. The organization has announced it is investing in the Open Web Application Security Project Zed Attack Proxy project (OWASP ZAP), a security tool designed to help developers identify vulnerabilities in their web …