The NSA is getting into open source with the System Integrity Management Platform (SIMP), a cybersecurity tool for the masses. From the National Security Agency, the governmental organization that brought you PRISM and the arsenal of surveillance tools leaked in the Snowden files comes SIMP, a Linux framework designed to provide a combination of security … continue reading
More and more tech companies are piling on the “Occupy Flash” movement as Adobe’s Flash Player continues to be beset by publicly known security vulnerabilities. Mark Schmidt, Mozilla’s head of Firefox support, tweeted that the company has officially blocked Flash in all versions of Mozilla Firefox. He clarified that the block will only remain in … continue reading
The OpenSSL team has issued a high-severity security advisory. The advisory discloses a new certificate validation vulnerability where during certificate verification, OpenSSL will attempt to find alternative certificate chains if the first validation attempt fails. The vulnerability lies in an implementation error allowing an attacker to forge an invalid certificate and bypass verification. This security issue … continue reading
NEW YORK–Datapipe, a leader in secure managed hosting and cloud solutions for the enterprise, today announced a new suite of automation and orchestration services for its Managed Cloud for AWS solution. The new Datapipe Automation Services connect the enterprise with Datapipe automation experts who perform an audit of existing infrastructures, identify key opportunities for automation, … continue reading
Amazon has introduced s2n, a new open-source implementation of the TLS encryption protocol. The s2n implementation, short for “signal to noise,” is a library designed to be small, fast and simple. s2n avoids implementing rarely used TLS options and extensions, and it contains little more than 6,000 lines of code. Amazon plans to integrate s2n … continue reading
No matter how genius a new application is, it is still required to go through testers’ hands. And despite the important role testers play, they remain in the shadows. When developers become aware of the variety of tests their software must endure, it often forces them to rethink the way they develop their software—in a … continue reading
Databricks has announced the general availability of its cloud-hosted data platform, formerly known as Databricks Cloud. Less than a week after announcing the release of Apache Spark 1.4, Databricks debuted its cloud platform at Spark Summit, which has support for R-language notebooks; version-control and source-code change tracking from within Databricks; private notebook permissions management; and … continue reading
Data application infrastructure provider Concurrent has announced general availability of Cascading 3.0. The latest version of the enterprise Hadoop application development and deployment platform improves portability across programming languages such as Java, Scala and SQL, and across Hadoop distributions such as Cloudera, Hortonworks, MapR. And it now has native support for compute fabrics like Apache … continue reading
Microsoft has released version 0.3.0 of Visual Studio Code, its cross-platform code editing tool announced at Build. Visual Studio Code 0.3.0 includes new features and updates to keybinding, the command line, multi-cursor, comment actions, wrapping controls, debugging and more. There is also expanded language support for Rust, JavaScript semantics and syntax, TypeScript 1.5, and smarter … continue reading
Code Connect, a Microsoft developer tooling startup, has announced Alive, a live coding extension for Visual Studio 2013 and 2015. It provides immediate code feedback to developers with an immediate watch window directly inline with the code, accessible during design without launching the application. The extension currently supports only C# and .NET framework 4.5, as … continue reading
A startup aims to reinforce enterprise Docker with a new virtual container security suite. Twistlock, a startup based in Tel Aviv and San Francisco that recently emerged from stealth mode, today announced the Twistlock enterprise security suite for containers. The end-to-end solution includes an open-source containerized application framework for developers as well as an enterprise … continue reading
In most organizations today, the most precious assets (if not the most precious asset) are their applications (and the data they handle). Yet those same organizations protect their applications only from the outside. “Imagine a person who leaves his house always surrounded by bodyguards, because he cannot protect himself. He doesn’t have the skills or … continue reading
