Tag Archives: component vulnerability

Nigel’s Wake-up Call: Scaling Open Source Governance


November 3, 2014 By
Derek Weeks
shock

The Wake-up Call They had downloaded over 200,000 open source components in the past year.  And their open source policy…the one established to protect against license risks and security vulnerabilities?  It covered about 3% of them. This is how Nigel Simpson, Director of Architecture at a major media and entertainment company, described his organization’s “huge” […]

Continue reading...

Are we doing enough to prevent future “bleeding hearts”?


April 11, 2014 By
Wayne Jackson
Heartbleed Bug

As the HeartBleed bug wreaked havoc on the internet over the past few days, we at Sonatype began thinking about the lessons learned from this recent scare and how, collectively, we can develop a process for mitigating the next major exposure.

Continue reading...