Author Archives: Tim O'Brien

Most Application Vulnerabilities are “Forever Day” Vulnerabilities


April 16, 2012 By Tim O'Brien

Zero Day threats are the kinds of things that keep security people up at night. The idea behind a zero day threat is that no one knows about a particular vulnerability until it happens. This Ars Technica article captures a new term: “Forever Day”. Software and hardware developers that identify vulnerabilities but fail to fix […]


Wayne Jackson’s Presentation at RSA 2012: An Overview of Insight


April 2, 2012 By Tim O'Brien

At RSA 2012, Wayne Jackson gave a short presentation focused on the security aspects of Sonatype Insight and the newly released Repository Health Check in Nexus Professional. This five-minute overview gives you a sense of the magnitude of the problem we are trying to solve. Here are some of the highlights from Wayne’s presentation […]


We’re a Java shop, we’re not going to get hacked…


March 27, 2012 By Tim O'Brien

This article is another in a series of articles associated with our Executive Brief. To access the executive brief, “Addressing Security Concerns in Open-Source Components,” visit www.sonatype.com/securitybrief. You can follow the conversation on Twitter using the hashtag #OSSsecurity. I just wanted to reiterate the key point of yesterday’s security brief, which is: “You and everyone […]
