Brian Fox

Brian Fox is a software developer, innovator and entrepreneur. He is an active contributor within the open source development community, most prominently as a member of the Apache Software Foundation and former Chair of the Apache Maven project. As the CTO and co-founder of Sonatype, he is focused on building a platform for developers and DevOps professionals to build high-quality, secure applications with open source components.

Follow me on:
READ MORE

White House National Cybersecurity Strategy: Landmark Action for a Critical Threat

By Brian Fox on March 02, 2023 Cybersecurity

5 minute read time

The Biden administration announced a new, historic National Cybersecurity Strategy calling for cybersecurity liability and increased investment.
Read More...
READ MORE

Is Cyber Liability Insurance a Moral Hazard in the US?

By Brian Fox on February 22, 2023 secure software supply chain

9 minute read time

Sonatype CTO and co-founder, Brian Fox, shares his thoughts on the developing role of cyber liability insurance in software supply chain management.
Read More...
READ MORE

Make Sure Your Company is Prepared for Evolving Software Liability Regulations

By Brian Fox on February 09, 2023 thought leaders

13 minute read time

Organizations should understand changes to liability and government regulation, and have the proper tools in place to protect their software supply chains.
Read More...
READ MORE

The Shifting Landscape of Open Source Supply Chain Attacks - Part 3

By Brian Fox on January 26, 2023 thought leaders

12 minute read time

Brian Fox shares insights on who’s responsible for the security of software supply chains, and how orgs can minimize impact on efficiency and speed.
Read More...
READ MORE

The Shifting Landscape of Open Source Supply Chain Attacks - Part 2

By Brian Fox on January 25, 2023 thought leaders

11 minute read time

Sonatype's Brian Fox delves into how bad actors and cybercriminals are attacking the software supply chain, and how cyberattacks continue to evolve.
Read More...
READ MORE

The Shifting Landscape of Open Source Supply Chain Attacks - Part 1

By Brian Fox on January 24, 2023 thought leaders

8 minute read time

A deep dive into how modern supply chains manage problems, and how companies looking to secure their software supply chains can learn from their mistakes.
Read More...
Illustrated picture of lightning bults with skulls raining down on 3 umbrellas
READ MORE

EU Cyber Resilience Act: Good for Software Supply Chain Security, Bad for Open Source?

By Brian Fox on December 22, 2022 secure software supply chain

10 minute read time

The Cyber Resilience Act is the European Union's proposed regulation to combat threats affecting any digital entity. What does that mean for open source?
Read More...
Gavel with government building behind it
READ MORE

A Clear Path Forward Toward More Secure and Maintainable Open Source Software

By Brian Fox on May 13, 2022 featured

7 minute read time

Sonatype CTO shares thoughts following conversations, led by OpenSSF, where industry and government came together to discuss securing open source software.
Read More...
Sonatype acquired MuseDev and full-spectrum software supply chain management
READ MORE

Why Sonatype is Acquiring MuseDev

By Brian Fox on March 16, 2021 Nexus Lifecycle

5 minute read time

Today, Sonatype acquired MuseDev, a developer-first source code analysis platform and unveiled the world’s first full-spectrum platform for strengthening cloud-native software supply chain
Read More...