Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Governance, Risk and Compliance, Critical Infrastructure Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

ActiveX flaw detector released

The CERT Coordination Center at the Carnegie Mellon Software Engineering Institute in Pittsburgh on Thursday released a free, open-source tool that software developers can use to detect ActiveX vulnerabilities. Dubbed Dranzer, the tool was tested on 22,000 ActiveX controls produced by more than 5,000 organizations. Dranzer is designed for use during the quality assurance phase of software creation and can help prevent flaws, such as buffer overflows, from being shipped in software to the public. — DK

Related

Security concerns curb open source utilization

Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.