Sonatype Selected by Equifax to Support OS Governance Press Release
blog-logo Sonatype Blog

Brian Fox

Brian Fox is a software developer, innovator and entrepreneur. He is an active contributor within the open source development community, most prominently as a member of the Apache Software Foundation and former Chair of the Apache Maven project. As the CTO and co-founder of Sonatype, he is focused on building a platform for developers and DevOps professionals to build high-quality, secure applications with open source components.

Follow me on:
GDPR-Article 25
READ MORE

Secure By Design: Preparing for GDPR Should Begin With Software

By Brian Fox on May 10, 2018 data protection
To ensure GDPR compliance, appropriate safeguards must be put in place across the entire software lifecycle.
Read More...
CVE-2017-8046 Downloads-1.jpg
READ MORE

Fooled twice by the same open source problem? Shame on you. The data behind CVE-2017-8046.

By Brian Fox on March 07, 2018 known vulnerability
Organizations keep software applications safe, not by chance, but by preparation. Open source vulnerabilities like Struts 2 and Spring are going to happen, companies need continuous monitoring to
Read More...
Brian-Fox-CTO-Sonatype-Feature-Image
READ MORE

Sonatype's 10 Year Journey, with Co-founder Brian Fox

By Brian Fox on February 16, 2018 Sonatype Nexus
The fact that we are closing in on 200,000 open source instances of the Nexus Repository Manager is great to see. That transcends Maven usage. A big popular use case these days is for npm and for
Read More...
Screen Shot 2018-02-14 at 12.54.59 PM
READ MORE

Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials
Pay attention to your own digital security as you would if you were protecting millions of others. Malicious code found in npm package conventional-changelog.
Read More...
Screen Shot 2018-02-07 at 12.48.13 PM.png
READ MORE

The Hijacking of a Known GitHub ID: go-bindata

By Brian Fox on February 07, 2018 Software Supply Chain
the creator of go-bindata deleted their @github account and someone else created a new account under the same name
Read More...
Brian Fox
READ MORE

How Many Hosted Repositories Can Nexus OSS Support

By Brian Fox on January 09, 2018 nexus oss
How many hosted repositories an Nexus OSS support?
Read More...
Google grafeas.jpeg
READ MORE

Strengthening Software Supply Chains for Everyone: Why Grafeas is a Great Idea

By Brian Fox on October 17, 2017 Nexus Lifecycle
In keeping with our long standing commitment to open innovation — Sonatype is excited to add unique value to the Grafeas community so organizations everywhere can automatically strengthen and secure
Read More...
Brians Family.png
READ MORE

Brian Fox: What does Sonatype do? What do I do all day?

By Brian Fox on September 15, 2017 Sonatype
Many of my friends and most of my family struggle to understand what it is Sonatype does and therefore what I do all day.
Read More...
GettyImages-1008096704
READ MORE

Vor Security brings OSS Index to Sonatype

By Brian Fox on June 29, 2017 vulnerability
Vor Security acquisition, extended language coverage, ossindex.net
Read More...
Twitter LinkedIn Facebook Instagram YouTube GitHub
Products
Security Research
Solutions
Resources
About
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Sydney, NSW 2000, Australia 
London Office - 199 Bishopsgate, London EC2M 3TY

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy