Open Source Security News, Features, and Interviews


How to stay protected for Heartbleed and other OpenSSL flaws

By Anthony Caruana | 24 June, 2014 09:21

Heartbleed wasn't just an interesting Internet security story. It was a sign that one of the most fundamental building blocks relied on by many large companies was significantly flawed. Even more staggering was the revelation that the OpenSSL open source code library, that is responsible for SSL communications between systems, had another flaw that went undetected for over a decade.

Google to auto probe Android Market for malware

By Liam Tung | 03 February, 2012 22:18

Google has unveiled Bouncer, its answer to the growing threat of maliciously laced software available on the Android Market.

Cnet de-trojans Nmap, but outrage continues

By Liam Tung | 08 December, 2011 08:52 | 3 Comments

Tech publisher CNet has removed the controversial proprietary installer it overlaid the penetration testing tool Nmap with, but critics are angry it is still used for "thousands" of other downloads.

WatchGuard launches iOS-friendly security appliance

By Mikael Ricknäs | 30 November, 2011 03:42

WatchGuard's latest security appliance, the XTM 330, allows business travelers from small enterprises to use their iPads or iPhones to communicate securely with the office, the vendor said on Tuesday.

Hackers launch millions of Java exploits, says Microsoft

By Gregg Keizer | 30 November, 2011 06:48

Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.


Review : Clearswift SECURE Web Gateway 2.5

By Matt Hackling | 20 March, 2012 13:35 | 2 Comments

We were eager for this box to arrive from Clearswift, this kind of kit gets us excited. We were expecting a hardware appliance to be shipped to us, but when opened the box, all we found was a 1RU Dell Server.


5 open source security projects to watch

By Rodney Gedda | 20 January, 2011 11:23 | 1 Comment

Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.


Open source FreeOTFE encrypts disks handily

By Ian Harac | 09 March, 2011 06:09

FreeOTFE may sound like a political bumper sticker, but it stands for "Free On The Fly Encryption." The "Free" part is self-explanatory; "On The Fly Encryption" refers to the encrypting/decrypting of data as it is written to or read from your hard disk.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Security for Enterprise

Encrypt data with easy-to-use key management for virtual, private, and public cloud environments with Trend Micro SecureCloud™.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.