A new widespread vulnerability that lets an attacker execute remote code affects Web development tools offered by Amazon Web Services, HP, and other companies, according to secure-coding startup Snyk.

Snyk says it will use leverage the new funding to "deploy additional product offerings that improve the secure usage of open source for developers."

The explosive growth of software containers has been a boon for agile development; but they can create hidden risks for security pros.

Henry Sowell, Technical Director for Hortonworks. spoke with CyberScoop on how open source systems allow for that flexibility and scalability, especially at a time where the onslaught of threats has never been greater.

Led by the NSA, a group of cybersecurity experts and vendors has been busy behind the scenes for more than a year, developing an open, standardized computer language for the command and control of cyber-defenses — OpenC2.

Eligible open source projects will receive HackerOne's Professional service for free.