Internet Industry Search Engine

SAP Open Sources Java SCA Tool

https://www.infoq.com/news/2019/03/sap-composition-analysis
See More From: infoq.com

Mar 14, 2019 1:00 AM 1+ mon ago

SAP Open Sources Java SCA Tool

SAP has released the source code for Vulnerability Assessment Tool, a software composition analysis (SCA) tool that was tested internally for two years with 20,000 scans on more than 600 projects.

The Vulnerability Assessment Tool focuses specifically on the detection of vulnerable components as it is stated in OWASP-Top 10 2017 A9. The tool scans software packages for direct and transitive dependencies and then compares each dependency to known sources, like the National Vulnerability Database or CVE list, to determine if known vulnerabilities or exploits exist for each package. During development, this knowledge can inform developers on when they should upgrade certain components. During operations, when a new vulnerability is discovered, this information can be used to locate which applications require action.

SCA has become critical to the software industry following the breach of Equifax in 2017 after failure to patch Apache Struts CVE-2017-9805. ...

Read More

Imperva Open Sources Active Directory Java Connector

infoq.com     1+ mon ago

Imperva has publicly released the source code to Domain Directory Controller (DDC), a Java library that simplifies common Active Directory integrations. Unlike Java's base LdapContext, this library b...

SAP builds its own Java distribution

SAP builds its own Java distribution

infoworld.com     1+ mon ago

The project, which began in December 2017, serves as a downstream version of OpenJDK maintained by SAP. SAP customers and partners can use it to run their applications. OpenJDK is ...

Spotify Open Sources cstar: its Cassandra Orchestration Tool

infoq.com     6+ mon ago

Spotify recently open sourced cstar, its Cassandra orchestration tool. Cstar is a command line tool to runs scripts on all hosts in a Cassandra cluster. Cstar emerged from the necessity of running sh...

NSA Ghidra, a Reverse Engineering Tool, Runs on Java 11

NSA Ghidra, a Reverse Engineering Tool, Runs on Java 11

infoq.com     2+ week ago

The National Security Agency (NSA) recently released the source code for their reverse-engineering tool, Ghidra, that enables cybersecurity specialists to disassemble and inspect a...

Building Self-Contained, Installable Java Applications With JEP 343: Packaging Tool

Building Self-Contained, Installable Java Applications With JEP 343: Packaging Tool

infoq.com     1+ mon ago

InfoQ Homepage News Building Self-Contained, Installable Java Applications with JEP 343: Packaging Tool The OpenJDK community has released an early access build of JEP 343: Packag...

Webhint Open Source Linting Tool

infoq.com     6+ mon ago

The webhint project provides an open source linting tool to check for issues with accessibility, performance, and security. The creation of websites and web apps has an increasing numb...

Article: Upgrading from Java 8 to Java 12

Article: Upgrading from Java 8 to Java 12

infoq.com     1+ week ago

Enterprises have traditionally been reluctant to upgrade to the latest version of Java until it has been fully proven. This is becoming increasingly challenging as we've had new v...

Google open sources ClusterFuzz

Google open sources ClusterFuzz

techcrunch.com     2+ mon ago

Google today announced that it is open sourcing ClusterFuzz, a scalable fuzzing tool that can run on clusters with more than 25,000 machines. The company has long used the tool in...

Java 11 Released

infoq.com     6+ mon ago

Java 11 has arrived. The new release is the first planned appearance of Oracle's long-term support (LTS) releases, although Oracle have also grandfathered in Java 8 as an LTS release t...

CIDLib C++ dev tool goes open source

CIDLib C++ dev tool goes open source

infoworld.com     1+ mon ago

CIDLib, a general-purpose C++ development environment, is now open source. Note that it does use some third-party code, including a version of the Scintilla engine as the CML langu...


Imperva Open Sources Active Directory Java Connector

infoq.com     1+ mon ago

Imperva has publicly released the source code to Domain Directory Controller (DDC), a Java library that simplifies common Active Directory integrations. Unlike Java's base LdapContext, this library b...

SAP builds its own Java distribution

SAP builds its own Java distribution

infoworld.com     1+ mon ago

The project, which began in December 2017, serves as a downstream version of OpenJDK maintained by SAP. SAP customers and partners can use it to run their applications. OpenJDK is ...

Spotify Open Sources cstar: its Cassandra Orchestration Tool

infoq.com     6+ mon ago

Spotify recently open sourced cstar, its Cassandra orchestration tool. Cstar is a command line tool to runs scripts on all hosts in a Cassandra cluster. Cstar emerged from the necessity of running sh...

Crypto Exchange Coinbase Open-Sources Its Security Scaling Tool

coindesk.com     6+ mon ago

U.S.-based cryptocurrency exchange Coinbase is making a recently developed automated security scaling tool available to the public. Called Salus, after the Roman the goddess of safety and well-being,...

SAP is buying Qualtrics, sources say

cnbc.com     5+ mon ago

Published 5:59 PM ET Sun, 11 Nov 2018 Updated 9:58 AM ET Mon, 12 Nov 2018 CNBC.com SAP to buy startup Qualtrics for $8 billion 6:51 AM ET Mon, 12 Nov 2018...

NSA Ghidra, a Reverse Engineering Tool, Runs on Java 11

NSA Ghidra, a Reverse Engineering Tool, Runs on Java 11

infoq.com     2+ week ago

The National Security Agency (NSA) recently released the source code for their reverse-engineering tool, Ghidra, that enables cybersecurity specialists to disassemble and inspect a...

Building Self-Contained, Installable Java Applications With JEP 343: Packaging Tool

Building Self-Contained, Installable Java Applications With JEP 343: Packaging Tool

infoq.com     1+ mon ago

InfoQ Homepage News Building Self-Contained, Installable Java Applications with JEP 343: Packaging Tool The OpenJDK community has released an early access build of JEP 343: Packag...

Google open-sources ClusterFuzz, a tool that has uncovered 16,000 bugs in Chrome

Google open-sources ClusterFuzz, a tool that has uncovered 16,000 bugs in Chrome

venturebeat.com     2+ mon ago

Ever heard of "fuzzing"? It's not what you think -- in software engineering, the term refers to a bug-detecting technique that involves feeding "unexpected" or out-of-bounds inputs...

Adobe, Microsoft, SAP announce Open Data Initiative

cnbc.com     6+ mon ago

SEARCH QUOTES To view this site, you need to have JavaScript enabled in your browser, and either the Flash Plugin or an HTML5-Video enabled browser. Download the latest Flash player and try again. ...

Frankie praises SCA

dailyexpress.com.my     9+ mon ago

Published on: Thursday, June 28, 2018 Kota Kinabalu: Youth and Sports Minister Frankie Poon praised Sabah Chess Association (SCA) for organising the Borneo Chess Festival 2018 at Likas Square Ballroom...

Webhint Open Source Linting Tool

infoq.com     6+ mon ago

The webhint project provides an open source linting tool to check for issues with accessibility, performance, and security. The creation of websites and web apps has an increasing numb...

Bethel's Molten Java to Host Open Mic Story Hour

patch.com     8+ mon ago

10 story-tellers will share a 5-minute true story based on the month's theme Jul 18, 2018 9:36 pm ET BETHEL, CT -- On the third Friday of each month up to 10 story-tellers will share a 5-minute true s...

Intel open-sources HE-Transformer, a tool that allows AI models to operate on encrypted data

Intel open-sources HE-Transformer, a tool that allows AI models to operate on encrypted data

venturebeat.com     4+ mon ago

Intel open-sources HE-Transformer, a tool that allows AI models to operate on encrypted data As any data scientist will tell you, datasets are the lifeblood of artificial intellig...

Hot java

Hot java

cnbc.com     3+ mon ago

SEARCH QUOTES To view this site, you need to have JavaScript enabled in your browser, and either the Flash Plugin or an HTML5-Video enabled browser. Download the latest Flash playe...

Article: Upgrading from Java 8 to Java 12

Article: Upgrading from Java 8 to Java 12

infoq.com     1+ week ago

Enterprises have traditionally been reluctant to upgrade to the latest version of Java until it has been fully proven. This is becoming increasingly challenging as we've had new v...

Microsoft, Adobe and SAP CEOs on Open Data Initiative

cnbc.com     6+ mon ago

SEARCH QUOTES To view this site, you need to have JavaScript enabled in your browser, and either the Flash Plugin or an HTML5-Video enabled browser. Download the latest Flash player and try again. ...

Sources for Flashlight and EDC Tool Reviews and Recommendations

Sources for Flashlight and EDC Tool Reviews and Recommendations

toolguyd.com     3+ mon, 52+ min ago

...

Google open sources ClusterFuzz

Google open sources ClusterFuzz

techcrunch.com     2+ mon ago

Google today announced that it is open sourcing ClusterFuzz, a scalable fuzzing tool that can run on clusters with more than 25,000 machines. The company has long used the tool in...

Java 11 Released

infoq.com     6+ mon ago

Java 11 has arrived. The new release is the first planned appearance of Oracle's long-term support (LTS) releases, although Oracle have also grandfathered in Java 8 as an LTS release t...

SCA falls to Norfolk Christian

SCA falls to Norfolk Christian

suffolknewsherald.com     3+ week ago

SCA matched up with Norfolk Christian in a non-conference softball matchup. The Lady Knights started off well in the first inning, as the game was tied at one. A big fourth inning ...

Ontario withdraws 'open for business' planning tool

theobserver.ca     2+ mon ago

This section was produced by the editorial department. The client was not given the opportunity to put restrictions on the content or review it prior to publication. Ontario is backing away from a pr...

CIDLib C++ dev tool goes open source

CIDLib C++ dev tool goes open source

infoworld.com     1+ mon ago

CIDLib, a general-purpose C++ development environment, is now open source. Note that it does use some third-party code, including a version of the Scintilla engine as the CML langu...

Sign-ups open for annual SAP Progressive Dinner

parkbugle.org     2+ mon ago

Registrations are now open for the 33th annual St. Anthony Park Progressive Dinner, which is scheduled for Saturday, March 16. Send an email to progress...

European Stocks Open Steady as Earnings Are Mixed, SAP Slumps

msn.com     6+ mon ago

You are using an older browser version. Please use a supported version for the best MSN experience. (Bloomberg) -- Once again, a promising equity rebound in Europe has been derailed by the U.S. open....

Podcast: Java Language Architect Brian Goetz on Java and the JDK

Podcast: Java Language Architect Brian Goetz on Java and the JDK

infoq.com     3+ mon ago

On this week's podcast, Wes Reisz talks with Brian Goetz. Brian is the Java Language Architect at Oracle. The two start with a discussion on what the six-month cadence has meant to...

Google partners with Unity for open-source matchmaking tool Open Match

gamasutra.com     7+ mon ago

Google has teamed up with Unity to create an open-source, but engine-agnostic, matchmaking system called Open Match. The goal of the project is to give game...

Microsoft, Adobe and SAP prepare to expand their Open Data Initiative

Microsoft, Adobe and SAP prepare to expand their Open Data Initiative

techcrunch.com     3+ week ago

At last year's Microsoft Ignite conference, the CEOs of Microsoft, Adobe and SAP took the stage to announce the launch of the Open Data Initiative. The idea behind this effort was ...

First look: SAP unveils real-time stadium operations analytics tool, in use with San Francisco 49ers

geekwire.com     5+ mon ago

by Taylor Soper on October 22, 2018 at 12:41 pmOctober 22, 2018 at 1:51 pm SANTA CLARA, CALIF. -- Technology isn't just improving athletic performance or changing the way we watch sports. It's also b...

Wrestling brings SCA another PIAA title

Wrestling brings SCA another PIAA title

newsitem.com     3+ week ago

By the end of the season, Biscoe did more than just contribute. The 113-pound grappler set a new school record for wins by a freshman as he compiled a record of 46-7 while saving h...

Google makes Chrome bug detection tool open-source

Google makes Chrome bug detection tool open-source

techradar.com     2+ mon ago

In its latest effort to aid developers in finding bugs in their software, Google has announced that its scalable fuzzing tool ClusterFuzz will now be open-source and available to a...

SAP CEO and Qualtrics CEO on SAP-Qualtrics deal

cnbc.com     5+ mon ago

McLean: There's something odd and dysfunctional going on at Wells Fargo The Lyft Driver Hub is seen in Los Angeles, California, U.S., March 20, 2019. EU Commissioner for Competition Margrethe Vestag...

SCA hosts first Middle East Media Initiative

dailytrojan.com     8+ mon ago

Salah El Gehiny, Maram Taibah and Wael Hamdy participate in a workshop. Participants workshopped their projects before shadowing figures like producer John Wells. (Emily Smith ...

Microsoft open-sources Infer.Net machine learning

infoworld.com     6+ mon ago

The technology will become part of the ML.Net framework for statistical modeling and online learning Infer.Net will become part of the ML.Net machine learning framework for .Net developers, with Infe...

Sap Fiend Steals 140 Sap Buckets From Vermont Man

Sap Fiend Steals 140 Sap Buckets From Vermont Man

nh1.com     3+ week ago

Hopkins makes award-winning maple syrup at his home in the town of St. Albans and gifts it to friends and family. He says he has since replaced many of the buckets that were locat...

Alibaba offers its own Java distribution

Alibaba offers its own Java distribution

infoworld.com     3+ week ago

Make room, Oracle, SAP, and other Java distributors. E-commerce vendor Alibaba now has its own Java distribution too, the open source Dragonwell8 Java Development Kit (JDK). The b...

Book Review: Java by Comparison

Book Review: Java by Comparison

infoq.com     4+ mon ago

"Java by Comparison; Become a Java Craftsman in 70 Examples" is an excellent book. To describe it in one sentence: it teaches you how to write better and clearer Java code. I like...

Java in 2019

Java in 2019

infoq.com     3+ mon ago

2018 has been a very interesting year for Java, as we discussed in InfoQ's roundup of the year. As we move into 2019, let's take a look at some of the things to watch for in the N...

Earthquake hits off Indonesia s Java

news.com.au     2+ mon ago

The Indonesian island of Java has been struck by a 5.9-magnitude earthquake overnight but there are no reports of damage and no tsunami warning was issued. A 5.9-magnitude earthquake has struck off t...

Article: Book Review: Optimizing Java

Article: Book Review: Optimizing Java

infoq.com     3+ mon ago

Optimizing Java, released in May 2018, is a comprehensive in-depth look at performance tuning in the Java programming language written by Java industry experts, Ben Evans, James Go...

Search Builder

(Click to add to search box)
Vulnerability Assessment Tool  software composition analysis  Static code analysis  National Vulnerability Database  Apache Software Foundation  Apache Struts Statement  security testing  Java features  SAP tool  latter decision  security analysis  application behavior  Henrik Plate  Serena E  Antonio Sabetta  Cedric Dangremont  Alessandro Pezze  NGINX Plus  InfoQ account  project documentation  security measure  detection mechanisms  transitive dependencies  applet vulnerability  source code  
**Content contained on this site is provided on an “as is” basis. 4Internet, LLC makes no commitments regarding the content and does not review it, so don't assume that it's been reviewed. What you see here may not be accurate and should not be relied upon. The content does not necessarily represent the views and opinions of 4Internet, LLC. You use this service and everything you see here at your own risk. Content displayed may be subject to copyright. Content is removed on a case by case basis. To request that content be removed, contact us using the following form: Contact Us.