Chef updates its open-source detection and evaluation tool to help organizations with security compliance in the cloud. DevOps vendor Chef announced on Feb. 20 the latest edition of its open-source InSpec compliance tool in an effort to accelerate and enable a DevSecOps approach to IT security.
Category Archives: Security
Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code.
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA.
It provides an easy to use interface for managing a MailScanner installation. It is used to perform operations such as releasing quarantined messages, bayesian learning, whitelisting and blacklisting addresses, monitoring the health of the services etc. Baruwa is implemented using web 2.0 features (AJAX) where deemed fit, graphing is also implemented on the client side using SVG, Silverlight or VML. Baruwa has full support for i18n, letting you support any language of your choosing.
How do I install and configure SquidGuard – a web filter plugin for Squid to restrict access to domains/URLs based upon access control lists? How do I block porn, gambling, and other web-sites using squid proxy server version 3.x under Debian or Ubuntu Linux server for my school ?
This howto describes setting up an IPSEC VPN for use with the Iphone, Ipad and Mac OSX VPN clients on Centos/RHEL 6. I am using the 5.x branch of Strongswan which is now the mainline actively maintained branch. At the time of writing the 5.x EPEL package was only available in the testing repo.
Businesses can use a good stout RADIUS server to authenticate any network client. Dial-up, DSL, virtual private networks (VPN), wireless networks – you name it, RADIUS will authenticate it. If you’re ready to learn how to set up a FreeRADIUS server to authenticate users for a wireless network, test new configurations safely, and configure a wireless access point and clients to use the new FreeRADIUS server, you’ve come to the right place.
Everyone has secrets. Some of yours probably live on your computer. If you want to keep digital information private, locking it behind a password won’t really keep it secure. The only real solution is encryption, which scrambles the contents of files, making them unintelligible to anyone without the digital key to unscramble them. TrueCrypt can encrypt and decrypt files, documents, and even entire filesystems.
Manage all your computer network services through one single platform. Zentyal is a Network Gateway, Unified Threat Manager, Office Server, Infrastructure Manager, Unified Communications Server or a combination of them. All services based on the same technology and fully integrated. For the first time you can make your network act as one single unit.
LinOTP is an open solution for strong two-factor authentication with One Time Passwords. This new LinOTP 2 is truely open in two ways. The core modules and basic necessary components are licensed under the AGPLv3, so that you are able to have a complete working open source solution. But LinOTP 2 is also open as far as its modular architecture is concerned. LinOTP 2 aims to not bind you to any decision of the authentication protocol or it does not dictate you where your user information should be stored. This is achieved by its new, totally modular architecture.
You can use verinice for:
- establishing, maintaining and improving an ISMS based on ISO 27001
- assuring the compliance with standards such as ISO 27002, BSI IT-Baseline Security, VDA IS-Assessments and many more
- performing risk analysis based on ISO 27005
- auditing, document management, report generation and much more
This document can be used as a guide to installation of MyDLP Appliance. It also describes the basic usage. MyDLP is an easy, simple and open DLP (data loss prevention) solution, licensed under GPLv3. MyDLP 1.0 is released on 10 November 2010. MyDLP Appliance is a distribution based on Ubuntu Server. The distribution comes as a easy to deploy key solution. Protecting customer records, securing confidential files, data flow enforcements… they are all achievable within 30 minutes.
The syslog-ng Open Source Edition is the direct descendant of the syslog-ng project that started ten years ago. This free, open-source version is an extremely well-developed, high performance, stable system being the Linux/Unix world’s most frequently used alternative central logging system.
spmfilter is a high-performance mail filtering framework, written in C. It attempts to be a general filtering framework for any purposes. Filtering mechanisms are provided by plugins, the API enables spmfilter plugins to access messages as they are being processed by the MTA. This allows them to examine and modify message content and meta-information during the SMTP transaction.