Docker is a well-known open source container platform used for development and production worldwide. Approximately 13 million developers download 13 billion container images each month. This technology allows developers to write fully executable software packaged with everything needed to run it, from the code to system tools, runtime libraries, and settings. That means that from…
Open Source
Best Eclipse Plugins To Add to Your Toolkit
Developers tend to favor the integrated development environment that works best for them. That means finding the right tools to perform necessary functions that work seamlessly with their particular environment. There are numerous available plugins for those who prefer the Eclipse IDE, inspiring many lists of the best Eclipse plugins. Because narrowing them down can…
Docker Security Best Practices?
Using containers and open-source applications, web developers can churn out programs faster than ever and bring large-scale projects into rough operation in a fraction of the time. Unfortunately, the use of OSS also brings more security issues into the mix. Development now requires Docker security best practices to build more secure containers and ensure safe…
Docker Security Scanning Guide
Docker is changing the way developers are creating applications and continues to grow in popularity, as evidenced by its over 10 million users and over 242 billion pulled images. However, while the platform and its ingenious containerization methods dramatically accelerate application development, programmers are realizing a growing need for further security maintenance and increased demand…
log4j Vulnerability / log4Shell – Sends Tech World Scrambling
The Log4j zero-day vulnerability referred to as “Log4Shell” (CVE-2021-44228) was first discovered on December 9th, 2021, and is getting a lot of well-deserved attention because of its wide reach and high severity. This Log4j vulnerability allows for unauthenticated remote code execution and can be weaponized to allow the complete takeover of a vulnerable system….
How Do I Use BitBucket Security Scanner?
The code management software Bitbucket helps teams collaborate more cohesively to improve the integration of high-quality code. Core features are available to all Bitbucket users, while the choice between cloud, data center, or on-site servers determines a user’s accessibility to several valuable abilities. Bitbucket’s user-friendly interface makes it easy to monitor and track all pull…
Supply Chain Attacks – Defend Against Dependency Substitution and Typosquatting
If you’ve referenced open-source software in your software development process, you’ve relied on code published to public repositories as “packages”. These packages can be an attack vector when a malicious actor uses Dependency Substitution or Typosquatting to create a supply chain attack. Those packages are downloaded and installed by a package manager. Each programming language…
Docker Vulnerabilities and Security Risks
Since 2013, Docker has enabled rapid development and deployment of web applications. With its innovative approach to containers, Docker also pioneered a way to distribute highly secure applications. Nonetheless, security is never perfect. With even the most popular Docker images containing vulnerabilities or malware, a hard look at Docker security issues is a wise move…
10 Ways to Make GitHub Safe
Is GitHub Safe? The platform is as safe as a developer makes it. Learn about the cheats, tools, and tactics to keep projects safe throughout development.
BSD vs MIT License
The BSD vs MIT license contest has a lively history. Learn about the high-stakes gambles and exasperating missteps behind the leading FOSS licenses.