As CES draws to a close, I’ve seen more than one security person complain that nobody at the show was … More

The EU recently announced they are going to sponsor a security bug bounty program for 14 open source projects in … More

This is just how open source works, and that’s OK

If you visit github.com to download code to include in your project, or you visit stack overflow for help, or if you find snippits using a search engine, you have open source dependencies

There seems to be a lot of questions going around lately about how to best give out simple security advice … More

There are not millions of unfixed security flaws missing from the CVE data.

We love to do security reviews on the projects, products, and services our companies use. Security reviews are one of … More