The Eclipse Foundation is a CNA (CVE Numbering Authority), responsible for assigning vulnerability identification numbers, known as CVE (Common Vulnerability Enumerations), to our projects. This August, a new set of rules for CNAs comes into force.
This initiative, aimed at bolstering the security of our source code repositories, mandates that all users with write access to an Eclipse Project repository (commonly known as committers) on GitHub and the Eclipse Foundation GitLab instance must use 2FA.
The Eclipse Foundation Security Team has been made aware of the vulnerability VU#421644 affecting multiple HTTP/2 implementations, that could cause an out-of-memory crash.
FOSS Security Campus Trainings are in-depth training courses by distinguished experts on the topics of open source and security, to empower developers, dev ops engineers, managers and others in the field of software development to make their products more secure. The trainings being offered are: DevSecOps and Software factory included by Thomas Fricke (Freelancer), A Game of Cat and Mouse by Stefan Grönke (Radically Open Security) and Automated Security Testing by Peter Mosmans (Radically Open Security).
FOSS Security Campus, is a new event focusing on IT security in the FOSS and open source sector. The conference will take place for the first time on September 28-29th, 2023. Topics include Open Source Supply Chains, Security Processes, Vulnerability Disclosure, Bug Bounties, Security by Design, Risk Mitigation and much more. The conference will be kicked off with a keynote by Melanie Rieback on "How business models are conflicting with a cybersecure world" and on the second conference day a keynote will be held by Thijs Ebbers and Jan Vogel on Zero Privilege Architectures.
In this session, we will explore how Payara Monitoring Console helps you streamline your Jakarta EE and MicroProfile application monitoring, troubleshooting, and management. Whether you are a DevOps engineer, system administrator, or Jakarta EE developer, this webinar is a must-attend event. Discover how the Payara Monitoring Console streamlines monitoring workflows, improves application performance, and enables faster incident response for your organisation.
Security has become a critical issue for the entire IoT supply chain in recent years, as the number of connected devices continues to grow and our reliance on them increases. With more devices connected to the internet, the potential for security breaches and data theft also increases.
FOSDEM is a two-day event organised by volunteers to promote the widespread use of free and open source software.