Editor’s Note: Excerpted from their book Embedded Systems Security, the authors go through an analysis of three popular, security-critical open source applications - Apache, OpenSSL, and sendmail – ...

Endor Labs has collaborated with Aikido Security, Arnica, Amplify, Kodem, Legit, Mobb, and Orca Security to introduce Opengrep, an initiative designed to maintain open access to static code analysis ...

A consortium of over ten application security organizations has created Opengrep as a fork of Semgrep CE (Community Edition, formerly Semgrep OSS) to provide an open and accessible platform for static ...

Sonar, the leading provider of integrated code quality and code security solutions, is unveiling SonarQube Advanced Security, a significant advancement in code security which will soon be available.

Software teams today are shipping code faster than ever. But security and quality are clearly struggling to keep pace. In fact, 74% of companies admit that insecure code led to at least one security ...

Application security testing company CodeSecure Inc. today announced a new strategic partnership with open-source compliance and security platform provider FOSSA Inc. and introduced a product ...

An aardvark works in an office typing at a desktop PC while happy human workers mill about in the background. Credit: VentureBeat made with ChatGPT Positioned as a scalable defense tool for modern ...

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days later, they shipped Claude Code Security. Here's what reasoning-based ...

Beyond uniting developers under shared ideologies, goals and pain points, Open Source Summit North America ignited conversations at the intersection of code, community and change. Against the backdrop ...