Sonatype Selected by Equifax to Support OS Governance Press Release
blog-logo Sonatype Blog

Brian Fox

Brian Fox is a software developer, innovator and entrepreneur. He is an active contributor within the open source development community, most prominently as a member of the Apache Software Foundation and former Chair of the Apache Maven project. As the CTO and co-founder of Sonatype, he is focused on building a platform for developers and DevOps professionals to build high-quality, secure applications with open source components.

Follow me on:
crime scene
READ MORE

Open Source Software Is Under Attack; New Event-Stream Hack Is Latest Proof

By Brian Fox on November 27, 2018 vulnerabilities

Earlier this year, I detailed a new battlefront for open source software based on the fact that bad actors are increasingly polluting public wells like npm

Read More...
LC 1
READ MORE

Deja Vu All Over Again - Another New Apache Struts Vulnerability (CVE-2018-11776)

By Brian Fox on August 23, 2018 Nexus Lifecycle

Another remote code execution vulnerability in Apache’s Struts2 Framework was disclosed late yesterday - leaving many feeling like they’re having Deja Vu.

Read More...
code-coding-computer-34676
READ MORE

Microsoft and Github: Open source’s future is brighter than ever

By Brian Fox on June 13, 2018 github

Last Monday, the open source developer community woke up to news that GitHub was being acquired by Microsoft for an incredible $7.5 billion. For many, there

Read More...
READ MORE

Making sure our users don't zip-slip and fall

By Brian Fox on June 05, 2018 The Central Repository

Security vulnerabilities in open source software are a fact of life. Sonatype has extensive automated monitoring systems in place designed to discover zero

Read More...
READ MORE

Enhancing SSL Security and HTTP/2 support for Central

By Brian Fox on May 21, 2018 Central

The march of standards continues unabated. Legacy TLS protocols 1.0 and 1.1 have varying weaknesses that could lead to a false sense of security. 

In June, in

Read More...
GDPR-Article 25
READ MORE

Secure By Design: Preparing for GDPR Should Begin With Software

By Brian Fox on May 10, 2018 data protection

Software is no longer written from scratch -- it’s assembled.

Read More...
CVE-2017-8046 Downloads-1.jpg
READ MORE

Fooled twice by the same open source problem? Shame on you. The data behind CVE-2017-8046.

By Brian Fox on March 07, 2018 known vulnerability

Organizations keep software applications safe, not by chance, but by preparation. Record breaking exploits in 2017 suggest that companies were simply not

Read More...
Brian-Fox-CTO-Sonatype-Feature-Image
READ MORE

Sonatype's 10 Year Journey, with Co-founder Brian Fox

By Brian Fox on February 16, 2018 Sonatype Nexus
Read More...
Screen Shot 2018-02-14 at 12.54.59 PM
READ MORE

Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials

For the second time in as many weeks we’re seeing the fallout of missteps taken by publishers of open source components. It was just last week that I wrote

Read More...
Products
Customers
Resources
About
Social
Twitter LinkedIn Facebook Instagram YouTube
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Level 14, Sydney 2000, NSW, Australia 
London Office - 1 Primrose St, London EC2A 2EX

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy