Open source software

Open source software (OSS) has become an important part of many enterprise IT strategies, and OSS products are available to support a wide range of IT needs. Products such as Linux, Apache, Ubuntu, MySQL and Firefox are widely used. We look at the latest trends and technologies.

Feature 30 Jan 2023
How to make the most of a composable enterprise architecture

Enterprise software is shifting away from highly integrated stacks to cloud-native architectures that use best-of-breed and in-house components Continue Reading
News 23 Jan 2023
Trellix automates patching for 62,000 vulnerable open source projects

Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months Continue Reading

Blog Post 27 Jan 2023

Airbyte takes the biscuit for open source data integration

Airbyte is the creator of an open source data integration platform. The company has this month announced its Free Connector Programme to provide free use of any data pipeline on Airbyte Cloud that ... Continue Reading
News 23 Jan 2023

Trellix automates patching for 62,000 vulnerable open source projects

Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months Continue Reading
Feature 23 Jan 2023

Is composable business most essential technology trend to meet challenges of 2023 and beyond?

By 2024, Gartner believes that 70% of large and medium-sized enterprises will have composability as a key criteria for new application planning Continue Reading
Blog Post 16 Jan 2023

Armo goes CNCF sandbox, wider platform offering emerges

Armo is cybersecurity company. The company developed an end-to-end open source Kubernetes security platform known as Kubescape. Kubescape has now been accepted by the Cloud Native Computing ... Continue Reading
Feature 16 Jan 2023

How to design enterprise applications that are composable by default

Gartner presents a composable business index to help IT leaders assess and advance the agility of their applications Continue Reading
News 12 Jan 2023

Chrome vulnerability could have led to widespread data theft

A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen Continue Reading
Opinion 12 Jan 2023

Europe’s cyber security strategy must be clear about open source

Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem Continue Reading
News 11 Jan 2023

Should we be worried about malicious use of AI language models?

WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned? Continue Reading
Blog Post 01 Jan 2023

Open Assistant, the launch of a ‘ChatGPT replicant’

Newly launched and open source, Open Assistant represents the arrival of a ‘ChatGPT replicant’ for the user/developer community. The project’s intention is to create a chat-based large language ... Continue Reading
News 20 Dec 2022

Top 10 software development stories of 2022

We look at how software development has adapted to the changing economic climate over the past 12 months Continue Reading
News 19 Dec 2022

GitHub CEO: Artificial intelligence will not replace developers

Artificial intelligence will enable developers to learn at their own pace and become more productive rather than take over their jobs, says GitHub CEO Thomas Dohmke Continue Reading
News 09 Dec 2022

Iranian APT seen exploiting GitHub repository as C2 mechanism

A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading
Blog Post 07 Dec 2022

Can WebAssembly (Wasm) ease the pain of cloud-native development?

This is a contributed piece for Computer Weekly Open Source Insider written in full by Liam Randall in his role as co-creator and maintainer of CNCF wasmCloud and CEO Cosmonic - a company that aims ... Continue Reading
News 07 Dec 2022

Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
Blog Post 06 Dec 2022

Shaker maker, TriggerMesh launches AWS EventBridge alternative

TriggerMesh has announced Shaker, an open source AWS EventBridge (serverless event bus service) alternative. Driven by trends such as platform engineering and serverless, platform engineers, ... Continue Reading
News 05 Dec 2022

How HashiCorp is driving cloud provisioning and management

HashiCorp CEO Dave McJannet talks up how the company is supporting cloud provisioning in a hybrid environment and its investments in Asia-Pacific to capitalise on the region’s growth potential Continue Reading
News 29 Nov 2022

Cyber criminals exploiting naked TikTok ‘challenge’

Malware operators lured targets by promising them they would be able to view nude videos of TikTok users Continue Reading
News 22 Nov 2022

How Singapore’s OCBC is harnessing open source

OCBC using the OpenShift container platform to modernise its applications, reduce its reliance on proprietary software and deliver new business capabilities Continue Reading
Blog Post 07 Nov 2022

Snakes in the snow, Snowflake Snowpark for Python

Continuing to gain traction in the data management space, Snowflake wrapped up its its Snowday 2022 software release update event with one final leg in San Francisco, to form the final stop on its ... Continue Reading
Blog Post 07 Nov 2022

Kubernetes and the open-source maintainer question

While much of last month’s KubeCon-CloudNativeCon North America was focused on specific software projects, case studies and tech challenges, there was a discernible undercurrent of concern. And it ... Continue Reading
Blog Post 03 Nov 2022

All rise, Open Source Law, Policy & Practice

Technology needs law. Equally and perhaps more so, the legal industry needs to understand what is changing around information technology. Alongside the need to move off of paper-based statute books ... Continue Reading
News 03 Nov 2022

Russia risks shortage of PCs and software

Russian consumers and businesses could face a shortage of IT equipment including PCs and software Continue Reading
News 02 Nov 2022

OpenSSL vulnerabilities ‘not as bad as feared’

As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared Continue Reading
Blog Post 01 Nov 2022

Digital identity and opening up the smartwallet

When an 80 year-old relative asks you how she can use her phone to both pay for shopping and get her supermarket loyalty points, like her friends do, you know that digital wallets are a success. ... Continue Reading
Blog Post 31 Oct 2022

SonarSource: Google’s Carbon language is a successor, not a replacement, for C++

This is a guest post for Computer Weekly written by Phil Nash in his role as developer advocate at SonarSource - the company is known for its platform that developers and development teams to write ... Continue Reading
News 31 Oct 2022

Prepare today for potentially high-impact OpenSSL bug

OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed Continue Reading
News 31 Oct 2022

SoftIron’s HyperCloud to ease private cloud deployments

SoftIron claims its technology stack fully automates the provisioning of storage, compute, networking and infrastructure services, providing a fully functioning, multi-tenant cloud Continue Reading
Feature 20 Oct 2022

What do the US’s new software security rules mean for UK organisations?

The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
News 18 Oct 2022

Apache vulnerability a risk, but not as widespread as Log4Shell

A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell Continue Reading
News 18 Oct 2022

Virtually all vulnerable open source downloads are avoidable

Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report Continue Reading
News 11 Oct 2022

With Java 19, Oracle boosts developer productivity with an eye on the future

Major features in Java 19 will make it easier for Java developers to build applications that interface with non-Java code, among other capabilities in the 10th edition of the platform’s six-month release cadence Continue Reading
Feature 10 Oct 2022

Forrester: How to expand your API strategy

Digital bonding is a mechanism for bridging enterprise boundaries by using application programming interfaces Continue Reading
News 04 Oct 2022

Red Hat CEO on OpenShift roadmap, competitive play

Red Hat’s newly minted CEO Matt Hicks talks up OpenShift’s roadmap, the competition with VMware and opportunities in the Asia-Pacific region Continue Reading
Feature 03 Oct 2022

Key ingredients for a successful API recipe

We look at how application programming interfaces can provide connectivity to drive internal and external business processes Continue Reading
Opinion 28 Sep 2022

Security Think Tank: Three steps to a solid DevSecOps strategy

Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first Continue Reading
E-Zine 27 Sep 2022

Making digital a key ingredient at Mondelez

In this week’s Computer Weekly, we talk to snack giant Mondelez, the owner of Cadbury, about how AI and data are transforming its business. SAP is increasing support costs for the first time in years – we assess the impact on customers. And a Ukrainian tech CEO tells us how his company kept going despite the Russian invasion. Read the issue now. Continue Reading
Blog Post 26 Sep 2022

A software 'six-pack' for Cloud Native Computing Foundation Kubecon USA 2022

The Computer Weekly Developer Network and Open Source Insider team is soon Detroit-bound. Why? Because the city is this year home to the Cloud Native Computing Foundation’s (CNCF) KubeCon + ... Continue Reading
News 21 Sep 2022

15-year-old Python bug present in 350,000 open source projects

A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
Blog Post 16 Sep 2022

Newly formed Linux Foundation Europe provides inside track on OSS Dublin 2022

This is a guest post written by Dan Whiting, director of media relations and communications for the Linux Foundation. Whiting has filed this piece writing live this month from the Open Source ... Continue Reading
Blog Post 08 Sep 2022

Luos 'plugs' microservices into IoT

Open source software for edge and embedded distributed systems Luos has added support for the popular ESP32 multipoint control unit (MCU) to its technology cadre. In working motion, ESP32 is said ... Continue Reading
Opinion 02 Sep 2022

Security Think Tank: Shift left, shift right. What about shift everywhere?

The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
News 31 Aug 2022

Google debuts open source bug bounty programme

Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme Continue Reading
Podcast 25 Aug 2022

James Hatch, BAE Systems: Computer Weekly Downtime Upload podcast

We speak to the chief digital officer at BAE Systems’ Digital Intelligence business about the challenges of “digital” in high-trust organisations Continue Reading
News 22 Aug 2022

Google Cloud and Singapore government team up on AI

Singapore’s National AI office will tap Google Cloud’s expertise in artificial intelligence to build artificial intelligence applications and train public sector officers on AI Continue Reading
Podcast 22 Aug 2022

State of open source: Computer Weekly Downtime Upload podcast

In this special edition of the Computer Weekly Downtime Upload podcast, OpenUK’s Amanda Brock speaks to Cliff Saran about open source challenges Continue Reading
News 10 Aug 2022

GitHub targets vulnerable open source components

There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted Continue Reading
News 02 Aug 2022

VMware CEO defends Broadcom deal

Raghu Raghuram is confident that Broadcom will invest in growing VMware through a broad portfolio of assets that will serve its entire customer base, not just its biggest customers Continue Reading
Blog Post 21 Jul 2022

Cilium speeds sidecar-optioned cloud-native networking

The Cilium project has reached general availability of Cilium 1.12. Great news, they’re (the Cilium team) excited… and so are we, but what is Cilium? Cilium is widely regarded as a (if not the) ... Continue Reading
News 15 Jul 2022

Log4Shell on its way to becoming ‘endemic’

US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
Blog Post 14 Jul 2022

Keptn cooks up, becomes CNCF Incubator

The CNCF Technical Oversight Committee (TOC) has voted to accept Keptn as a CNCF incubating project. Keptn is an event-driven orchestration engine that connects observability with operations in ... Continue Reading
Podcast 14 Jul 2022

Bloomberg CTO interview: Computer Weekly Downtime Upload podcast

In this special edition of the Computer Weekly Downtime Upload podcast, Bloomberg CTO Shawn Edwards discusses real-time data and open source Continue Reading
Blog Post 05 Jul 2022

Databricks hoists mainsail on flagship open source projects

Data and AI company Databricks has announced several contributions to popular data and AI open source projects including Delta Lake, MLflow and Apache Spark. At the Data + AI Summit, the largest ... Continue Reading
News 24 Jun 2022

Developers grapple with open source software security

Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds Continue Reading
News 23 Jun 2022

SolarWinds unveils new development model to avoid a repeat of Sunburst

SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry Continue Reading
Feature 20 Jun 2022

Challenges of securing a software supply chain

The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain Continue Reading
Blog Post 10 Jun 2022

The challenge of open source in the enterprise is not technical

There is no doubt that open source is the future of software development. But IT leaders trying to instil an open source culture in their organisation may struggle due to business practices ... Continue Reading
News 10 Jun 2022

Commercialising open source

Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business Continue Reading
News 07 Jun 2022

Software house Mega achieves holistic SaaS security with Synopsys

Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards Continue Reading
Blog Post 24 May 2022

Like a teenager, Kubernetes looks almost grown-up, yet still a bit awkward and confused

Platform: that’s the key word that sprung to mind after attending Kubecon-CloudNativeCon Europe 2022, hosted by the Cloud Native Computing Foundation (CNCF) in Valencia last week. As in, Kubernetes ... Continue Reading
Blog Post 22 May 2022

What to expect from OpenInfra Summit 2022 Berlin

Berlin, according to David Bowie, is the greatest cultural extravaganza one can imagine - it’s a city brimming with art, music, architecture, history and, of course, enlightenment. The Thin White ... Continue Reading
Blog Post 17 May 2022

OpenUK CEO: What open source really means today

Listening to OpenUK CEO Amanda Brock speaking at Percona Live 2022, the Computer Weekly Open Source Insider team noted the following thoughts from her keynote… “If you were wondering what a nice ... Continue Reading
E-Zine 17 May 2022

Digitally transforming UK power networks for renewable energy

In this week’s Computer Weekly, we find out how the UK’s power networks need to be digital transformed to be ready for renewable energy – and the role of open source. Wi-Fi 6 was meant to give a boost to wireless connectivity – we examine why adoption has stalled. And we look at what a quantum datacentre might be like. Read the issue now. Continue Reading
News 13 May 2022

Open source community sets out path to secure software

A 10-point plan to improve the security and resilience of open source software was presented this week at a summit in the US Continue Reading
News 11 May 2022

IBM lived up to its neutrality promise to Red Hat

Red Hat CEO Paul Cormier claims IBM has lived up to its commitment to maintain the neutrality of Red Hat three years on Continue Reading
News 10 May 2022

NetApp’s cloud-era storage competitors in ‘world of hurt’

NetApp is busily reinventing itself as a cloud services provider, with its competition years behind, according to its public cloud vice-president Continue Reading
Blog Post 05 May 2022

Alibaba open sources privacy-preserving computation

Alibaba Group’s global research initiative Alibaba DAMO Academy has made the source code of its latest federated learning platform FederatedScope, a comprehensive platform with easy-to-use ... Continue Reading
News 11 Apr 2022

Open source CMS platform Directus patches XSS bug

A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading
Feature 11 Apr 2022

The role of infrastructure as code in edge datacentre computing

As datacentre computing is pushed to the edge of the organisation’s network, IT has to address the overheads associated with remote server management Continue Reading
News 08 Apr 2022

Was Spring4Shell a lot of hot air? No, but...

Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading
E-Zine 07 Apr 2022

CW Middle East: UAE and UK researchers work on ‘trustworthy’ cloud OS for datacentres

Imperial College London is embarking on a three-year project with an Abu Dhabi-based group of researchers to find ways for datacentre operators and cloud providers to secure their infrastructure. Also read how Dubai is positioning itself to reap the benefits of a promising global market for drone technology. Continue Reading
News 05 Apr 2022

Hackathon team uses origami in James Webb Space Telescope Pi project

The James Webb Space Telescope was the inspiration behind a NASA challenge which uses an IoT device based around folded paper Continue Reading
News 31 Mar 2022

Spring4Shell zero-day sprung on security teams

Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it? Continue Reading
News 29 Mar 2022

Wave of Log4j-linked attacks targeting VMware Horizon

Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
Blog Post 29 Mar 2022

Aerospike ‘sharpens cloud’ for disparate real time data

Real-time data company Aerospike Inc. has sharpened its scope this month to now provide two new deployments for the Aerospike Real-time Data Platform. Why has Aerospike done this? It’s all about ... Continue Reading
E-Zine 29 Mar 2022

Ten years of the Raspberry Pi

In this week’s Computer Weekly, as the Raspberry Pi reaches its 10th anniversary, we look back on how the low-cost computing device went from schools to supercomputers and even into space. Gartner offers tips on how to motivate IT staff in a hybrid working environment. And we meet the Dutch hackers helping to secure the internet. Read the issue now. Continue Reading
Blog Post 08 Mar 2022

Sonatype’s sonar-smart sonata for open source

Nobody quite knows why Sonatype is called Sonatype, the developer-friendly tools specialist for software supply chain automation and security doesn’t make a song and dance about its moniker. Sona ... Continue Reading
Blog Post 04 Mar 2022

CNCF now incubating Knative for serverless & event-driven apps

Knative (pronounced kay-native) has just been accepted as a Cloud Native Computing Foundation (CNCF) Incubating Project. This status happens when the CNCF Technical Oversight Committee (TOC) votes ... Continue Reading
Blog Post 14 Feb 2022

Trousseau turns up truss torque for Kubernetes

Protecting access to sensitive data in Kubernetes is complicated. Some would go far enough to say that the security layer in Kubernetes is not optimal. Named after the French for ‘truss’ or ‘turn ... Continue Reading
News 09 Feb 2022

How Carrefour is lowering its Oracle footprint

Migrating core business applications requires a multi-pronged approach, so what remains on-prem, and where does SaaS fit? Continue Reading
Feature 07 Feb 2022

How open source is shaping data storage management

Open source data storage offers a great deal of flexibility, but unlocking its benefits will require strong technical resources to meet requirements such as stability, high availability and security Continue Reading
Feature 02 Feb 2022

Finland brings cryostats and other cool things to quantum computing

Not only is Finland the clear leader in refrigeration technology for quantum computers, but it also leads in fundamental research into the underlying quantum information theory Continue Reading
Blog Post 01 Feb 2022

Codefresh combats 'stale DevOps' with pipeline-speed optimisations

Code does go ‘stale’, of course. Software application development code (and many of the data reserves, pools, sets, marts, warehouses and lakes) that programmers engineer into the fabric of modern ... Continue Reading
News 01 Feb 2022

Dutch software engineers join campaign for research funding

Software researchers from all over Europe are sounding the alarm: to maintain a strong international competitive position, more financial resources must be committed to software research Continue Reading
Blog Post 28 Jan 2022

Low code goes open source: Appsmith is the Ferrari-factor

People (well, British people, Americans and many others) think that the name Smith is a comparatively dull moniker to be blessed with and that Ferrari speaks of Italian flair and passion. In truth, ... Continue Reading
News 27 Jan 2022

Nightmare Log4Shell scenario averted by prompt, professional action

Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared Continue Reading
Blog Post 27 Jan 2022

The road less travelled paves the path to stealth disruption

During the recent Ocado Re:Imagined event, the company’s founder and CEO, Tim Steiner, discussed how stealth disruptors were used to invent something he described as “really radical”. Really ... Continue Reading
News 26 Jan 2022

PwnKit bug endangers Linux distributions worldwide

Qualys researchers share intel on a memory corruption vulnerability in a program installed by default on every major Linux distribution Continue Reading
Feature 24 Jan 2022

How Forensic Architecture uses tech to protect human rights

Forensic Architecture speaks to Computer Weekly about how it uses various digital technologies to investigate human rights abuses around the globe, including the pushback of migrants over the Greek border and the killing of Mark Duggan by London police Continue Reading
Blog Post 19 Jan 2022

SUSE offers a Neu approach to container security, opens NeuVector codebase

SUSE has announced the NeuVector codebase to the open source community on GitHub. The German softwarehaus claims that NeuVector the first truly open source end-to-end [container] security ... Continue Reading
Opinion 22 Dec 2021

A trial relying on computer evidence should start with a trial of the computer evidence

Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history Continue Reading
News 21 Dec 2021

Top 10 software development stories of 2021

Business recovery is leading to more emphasis on software projects. Here are Computer Weekly’s top 10 software development stories for 2021 Continue Reading
Blog Post 09 Dec 2021

GitHub suffers no bluffers in search to uncover & discover

GitHub has unveiled a technology preview. This time, the update is focused on making improvements to searching code on the platform itself. In the shadow of enterprise search now growing to become ... Continue Reading
News 02 Dec 2021

Pandora Papers: How journalists mined terabytes of offshore data to expose the world’s elites

Six hundred journalists spent over a year mining 2.94 terabytes of data that revealed offshore companies and the politicians, world leaders and celebrities who secretly owned them Continue Reading
Blog Post 25 Nov 2021

OpenUK widens open path to carbon-neutral future

Computer Weekly recently reported on open source championing not-for-profit OpenUK puts forward plan to reduce the environmental impact of datacentres, with an emphasis on encouraging site and ... Continue Reading
Opinion 24 Nov 2021

The value of open source in Europe

Open source offers immense benefits across the private and public sector and enables organisations to tap into world-class expertise Continue Reading
Blog Post 23 Nov 2021

Pants is not pants, open source build system is good

Branding can be a dangerous thing; name conventions do not always translate. There’s a whole list of these from Bimbo bread to the reason that the Vauxhall Nova (no go) doesn’t work in Spanish… and ... Continue Reading
Opinion 23 Nov 2021

How software development will change in 2022

Businesses need a pipeline of software-enabled functionality that has to be delivered quickly and reliably without overworking software teams Continue Reading
E-Zine 23 Nov 2021

Can the tech community show us how to save the world?

In this week’s Computer Weekly, we report from the COP26 conference on how the tech world’s collaborative open source model could help tackle climate change. Gartner has urged IT leaders to rethink their role as business come to rely on digital technologies. And we ask if your office security is at risk as staff return. Read the issue now. Continue Reading
News 12 Nov 2021

OpenUK debuts carbon-negative datacentre blueprint at COP26

Open source championing not-for-profit OpenUK puts forward plan to reduce the environmental impact of datacentres, with an emphasis on encouraging site and hardware reuse Continue Reading
E-Zine 11 Nov 2021

CW Benelux: Dutch IT company rips up the HR rule book for better work-life balance

One Dutch tech firm has used learnings from the pandemic to rip up its HR rule book and implement an official work-from-home policy. In fact, Infolearn has gone further than hybrid working, with a personal mobility budget for staff and a four-day working week, all with retention of full-time salary. Also in this issue, read how Dutch education administrators appear to be underestimating the threat of cyber crime. Continue Reading