Is Code Auditing of Open Source Apps Necessary?
Dec 25, 2009, 08:03 (0 Talkback[s])
[ Thanks to An Anonymous Reader for
this link. ]
""Given the significant savings to be had from using open source
applications, Sun's strategy is a security testing at all stages in
the customization process," said Richard Kirk, Fortify European
Director.
""It's also good to see Sun announcing its support for the new
security guidance from the Cloud Security Alliance, since this
means that its open source apps will support the best practice
guidelines, which is essential when supporting a private cloud
infrastructure," he added.
"According to Kirk, whilst the use of encryption and VPNs to
extend a secure bridge between a company IT resource and a private
cloud facility is very positive - especially now that Amazon is
best testing its pay-as-you-go private cloud facility - it's
important that the underlying application code is also secure."
Complete
Story
Related Stories:
- The Cost of SELinux, Audit, & Kernel Debugging(Aug 13, 2009)
- The Smallest Threat to Open Source in 2009(Jan 07, 2009)
- Nessus Vulnerability Scanner in openSUSE(Aug 29, 2008)
- In Linux security, apply principle of least privilege(Jul 22, 2008)
- Troubleshooting Defunct (Zombie) Processes on Linux(Mar 25, 2008)
- Linux Server Administration(Mar 05, 2008)
- Why Proprietary Code is Bad for Security(Aug 27, 2007)
