Syft3d ago
What's Grype been up to? 🤔 Squashing bugs, refining detection, and generally being awesome! Our weekly OSS report is out. Dive in to see how we're making your vulnerability scans even better. Got an idea? Join the open-source fun! #OSS #SecurityTools
https://anchorecommunity.discourse.group/t/anchore-open-source-weekly-report-week-25-2025/474
Anchore Open Source Weekly Report, Week 25, 2025

Anchore Open Source Weekly Report This report covers the community activity in Anchore Open Source Projects from June 16, 2025 to June 20, 2025. Executive Summary The Anchore Open Source projects saw focused development activity this week with 14 issues and pull requests resolved across the ecosystem. Key work included significant refactoring of Grype’s version handling system, improvements to CPE segment escaping for better vulnerability matching, and VEX document processing fixes. The team al...

Anchore Community
halil denizJun 18

🚀 Excited to introduce pentestgen – a modern, open-source penetration test report generator designed to simplify and professionalize your security assessments!

With pentestgen, you can quickly document vulnerabilities, recommendations, and executive summaries, preview your reports live, and export polished PDFs — all with a clean, user-friendly interface.

Check it out here:

🔗 https://halildeniz.github.io/pentestgen/

#cybersecurity #pentesting #opensource #infosec #reporting #securitytools

Cybersecurity Pentester Report Generator

Create professional cybersecurity pentest reports easily. Add findings, recommendations, and export as PDF.

Richard ChamberlainJun 15

🔐 Tired of bloated `sshd_config` files?
💡 Try modular SSH policies!

Our latest guide shows how to group SSH settings into reusable policy files using `Include`. Tackle brute-force attacks (like CVE-2024-6387), disable forwarding, enforce key-only logins, and apply IP-based rules.

🛠️ Cleaner configs = better security & scalability.

📚 Read more: https://richard-sebos.github.io/sebostechnology/posts/SSH-Polices/
📬 Contact: info@sebostechnology.com

#Linux #SSH #OpenSSH #Infosec #SysAdmin #DevOps #SecurityTools #SelfHost

Secure SSH Access with Modular Policy Files

Hardening your SSH server doesn’t have to be complicated. Learn how to use modular policy files with OpenSSH to simplify configuration, improve security, and streamline management.

Sebos Technology
ITSEC NewsJun 11
Patch Tuesday, June 2025 Edition - Microsoft today released security updates to fix at least 67 vulnerabilities in it... https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/ #windowsservermessageblock #sansinternetstormcenter #patchtuesdayjune2025 #experiencemanager #cve-2025-33053 #cve-2025-33073 #mozillafirefox #securitytools #acrobatreader #badsuccessor #googlechrome #timetopatch #adambarnett #alexvovk #sethhoyt #action1 #automox #akamai #rapid7 #webdav
Patch Tuesday, June 2025 Edition – Krebs on Security

KrebsOnSecurity RSSJun 11

Patch Tuesday, June 2025 Edition

https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/

#WindowsServerMessageBlock #sansinternetstormcenter #PatchTuesdayJune2025 #ExperienceManager #CVE-2025-33053 #CVE-2025-33073 #mozillafirefox #SecurityTools #AcrobatReader #BadSuccessor #GoogleChrome #TimetoPatch #AdamBarnett #AlexVovk #SethHoyt #Action1 #Automox #Akamai #Rapid7 #WebDAV

Patch Tuesday, June 2025 Edition – Krebs on Security

anchoreJun 5
False positives aren't just noise; they're a real DevSecOps challenge. Our blog explores common culprits like cross-ecosystem confusion & package metadata issues, and how tools like Grype & Syft are improving. Read on: https://anchore.com/blog/false-positives-and-false-negatives-in-vulnerability-scanning/
#AppSec #SecurityTools
False Positives and False Negatives in Vulnerability Scanning: Lessons from the Trenches

Learn about the critical balance of false positives and false negatives in security. Improve your vulnerability detection strategy.

Anchore
anchoreJun 4
Grab your coffee, webinar starting in 1 hour! Join us at 10 AM PT to discover Anchore SBOM and how it simplifies SBOM management, enhances visibility, and helps mitigate supply chain risks. Last chance to register: https://go.anchore.com/introducing-anchore-sbom.html #LiveWebinar #SecurityTools #AnchoreSBOM
nickbeardedMay 25

For students interested in programming, you can absolutely study C and C++ with BashCore and BashCoreX, thanks to the included gcc and g++ compilers.

Plus, you'll find powerful tools like git, vim, and emacs for development. It's a robust environment for learning and security exploration!

https://bashcore.org

#BashCore #BashCoreX #Linux #InfoSec #CyberSecurity #Programming #C #Cplusplus #DevTools #OpenSource #TechRelease #SecurityTools #Learning

BashCore - Home

GrypeMay 21
Ever wonder what's really in your dependencies? Anchore SBOM can help you get visibility into your software supply chain. Import your SBOMs (SPDX, CycloneDX, Syft) and get the lowdown on vulnerabilities. Check it out!
https://anchore.com/blog/announcing-anchore-sbom/
#OpenSource #SBOM #SecurityTools
Take Control of Your Software Supply Chain: Introducing Anchore SBOM

Introducing Anchore SBOM: a centralized solution for tracking and managing SBOMs, enhancing visibility into your software components.

Anchore
Marco Ciappelli🎙️✨ May 15

This is about to happen! Join us!

How To Detect And Mitigate Non-Human Identity And Crytographic Vulnerabilities — An ITSPmagazine Webinar With SandboxAQ
Thursday, May 15, 2025 | 1:00 PM 2:00 PM EST

Unmanaged cryptographic assets and non-human identities have left security teams blind to critical risks. These gaps have fueled vulnerabilities, breaches, compliance challenges, and operational drag across enterprise environments.

Join us to see how #AQtiveGuard transforms this landscape.

https://www.crowdcast.io/c/how-to-detect-and-mitigate-non-human-identity-and-crytographic-vulnerabilities-an-itspmagazine-webinar-with-sandboxaq

More than just visibility, AQtive Guard unifies your non-human identities and cryptographic assets into a single inventory to deliver end-to-end visibility, deeper risk analysis, and streamlined compliance in a single pane of glass—with automated discovery, real-time threat detection, and root cause analysis powered by their unique LQM.

Seamlessly integrated into your existing stack, it’s the AI-driven SaaS platform built to secure today’s systems—and tomorrow’s.

By attending, you will get to:
Discover how to gain unified visibility into cryptographic assets and non-human identities —including API keys, certificates and service accounts—in cloud environments

Explore how AQtive Guard empowers security teams with automated discovery, threat detection, and root cause analysis—enabling faster remediation, reduced risk, and stronger compliance without disrupting existing workflows.

Learn how to future-proof your security posture, with a platform designed for AI Security Operations, Post-Quantum Cryptography readiness, and seamless integration into your existing security stack.

PANELISTS
Marc Manzano
General Manager of Cybersecurity, SandboxAQ
MODERATORS
Sean Martin, CISSP Co-Founder, ITSPmagazine
Marco Ciappelli Co-Founder, ITSPmagazine

Can’t attend the live webinar? All registrants get exclusive access with a link to rewatch the recording.

Register To Attend: https://www.crowdcast.io/c/how-to-detect-and-mitigate-non-human-identity-and-crytographic-vulnerabilities-an-itspmagazine-webinar-with-sandboxaq

#cybersecurity, #cryptography, #AIsecurity, #infosec, #webinar, #securitytools, #threatdetection, #cloudsecurity, #sandboxAQ, #ITSPmagazine #tech #technology #quantum

How To Detect And Mitigate Non-Human Identity And Crytographic Vulnerabilities — An ITSPmagazine Webinar with SandboxAQ

Register now for How To Detect And Mitigate Non-Human Identity And Crytographic Vulnerabilities — An ITSPmagazine Webinar with SandboxAQ on crowdcast, scheduled to go live on May 15, 2025, 01:00 PM EDT.

crowdcast