Earlier this year, the open-source community came under the scrutiny of a US Senate committee investigating a serious vulnerability in Log4j, a widely used, Java-based logging utility. Government experts say the vulnerability, called Log4Shell, was one of the most severe and widespread cybersecurity risks they've ever seen.

"This bug, which can be exploited by only typing in 12 characters, can allow cyber criminals and foreign adversaries to remotely access critical American networks," Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Michigan) said at the February hearing.

Although billed as an information-gathering exercise, the public forum caused some discussion in open-source and security circles about whether government concerns over open-source software could lead to its regulation. The question is what to do now about security risks in open-source software, if anything.

'Misguided' assumptions about open-source security

"The recent Log4j open-source software vulnerability is yet another example as to why safeguarding open-source software is critical," said Slava Bronfman, CEO and co-founder of Cybellum, a cybersecurity platform maker located in Tel Aviv, Israel.

"There has long been a misguided assumption that open-source software is secure because so many people have access to it and are using it in their projects, so any security issues would have been resolved," Bronfman added.