OStatic

Last week, members of the Ruby community received word that all but the most recent versions of the language contain a serious security hole, and should be upgraded immediately. The announcement indicated that the security problem allows an attacker to potentially execute arbitrary code from a remote location. Other than that general description, what is the problem? Well... the powers that be aren't telling. Zed Shaw, decided to blog about this, announcing the vulnerabilities, as well as the techniques that he used to uncover them.

Many companies are beginning to see the intrinsic value of open source software for the enterprise but as businesses piecemeal solutions together from a variety of options, it's easy to lose track of each app's updates and revisions -- leading to potential security issues from unknown or undocumented code. Increasingly, businesses are turning to security companies like Palamida to analyze their in-use source code for security risks and other vulnerabilities. OStatic caught up with Palamida's vice president of product marketing, Theresa Bui-Friday, for insight into why undocumented source code can leave a company at risk for compliance and legal issues.