Sonatype to Create Vulnerability Checker Tool

New tool is called DepShield and available in the "Security" section of the GitHub Marketplace
16 August 2018   1357

Sonatype has introduced a tool for developers called DepShield, which checks the code on GitHub for vulnerabilities.

The free version of the service is looking for vulnerabilities in the OSS Index database and gives recommendations on how to fix them. In the commercial version, you can configure automatic fixing of problems. Also in DepShield there are:

  • work with the Apache Maven framework;
  • View a list of known vulnerabilities in GitHub's Issue Tracker;
  • determine the range of versions for each vulnerability.

DepShield
DepShield

DepShield is available in the "Security" section of the GitHub Marketplace.

GitHub has introduced two new features that will help improve security and simplify the recovery of accounts. For this, the company recommends setting a strong password and two-factor authentication.

Zabbix 4.4 to be Rolled Out

Monitoring system consists of 3 components - server, "agents" (monitor software tools) and frontend
14 October 2019   50

After 6 months of development, a new version of the Zabbix 4.4 monitoring system is available, the code of which is distributed under the GPLv2 license. Zabbix consists of three basic components: a server for coordinating checks, generating test requests and collecting statistics; agents for performing checks on the side of external hosts; frontend for organizing system management.

To relieve the load from the central server and form a distributed monitoring network, a series of proxy servers can be deployed that aggregate data about the verification of the host group. Data can be stored in MySQL, PostgreSQL, TimescaleDB, DB2, and Oracle. Without agents, the Zabbix server can receive data using protocols such as SNMP, IPMI, JMX, SSH / Telnet, ODBC, and test the availability of Web applications and virtualization systems.

Get some more info at the official website.