Security news that informs and inspires

Archive

2 results for tag Software Security:

Open Source Software Needs Funding, Not Bug Bounty Programs

Bug bounty programs fill a need, but the European Union's offer to pay bug bounties for vulnerabilities in open source forgets one thing: projects don't need more flaws. Open source projects need people to fix the flaws.

Software Security, Open Source, Bug Bounty

GitHub Alerts Help Fix Bugs in Ruby, JavaScript Code

When GitHub unveiled its Security Alerts scanning feature last November, it was betting that if project owners knew which software components they were using had vulnerabilities, they would update them with patched versions. GitHub said that by Dec. 1, 450,000 vulnerabilities had been resolved, either by removing the dependency entirely or swapping out with a more recent, patched version. That's a little over 10 percent of the vulnerabilities addressed, right off the bat.

App Security, Vulnerability, Software Security