Ilkka Turunen

Ilkka serves as Field CTO at Sonatype. He is a software engineer with a knack for rapid web-development and cloud computing and with technical experience on multiple levels of the XaaS cake. Ilkka is interested in anything and everything, always striving to learn any relevant skills that help towards building Sonatype for success.

Spring4Shell – by the numbers

By Ilkka Turunen on April 04, 2022 component vulnerability

6 minute read time

Spring4Shell, a new 0-day RCE, is not quite as bad as Log4shell but has a wide blast radius. We dive into the numbers on how the world is fixing the issue.
Read More...

New Spring Framework RCE Vulnerability Confirmed - What to do?

7 minute read time

A new remote code execution flaw dubbed Springshell is affecting Spring-beans, exploiting a previously unknown security vulnerability.
Read More...

Sonatype Celebrates February 3rd 2022 as World Open Source Day

By Ilkka Turunen on February 03, 2022 Everything Open Source

5 minute read time

We declare February 3rd World Open Source day. Why? Our roots lie firmly in Open Source and we want to celebrate maintainers across the world & give back
Read More...

Meet an Open Source Contributor: Sal Kimmich

By Ilkka Turunen on February 03, 2022 Everything Open Source

4 minute read time

Meet Sal Kimmich one of the incredible open source contributors at Sonatype. Learn more about why and how they got into open source.
Read More...

Helping The Open Source Community Find, Fix, and Remediate Log4j

By Ilkka Turunen on December 15, 2021 vulnerabilities

5 minute read time

Assistance to protect the software supply chain from Log4j and other logging vulnerabilities. Open source intel, Pull Request Protection, SBOMs, and more.
Read More...

Log4shell by the numbers- Why did CVE-2021-44228 set the Internet on Fire?

By Ilkka Turunen on December 14, 2021 vulnerabilities

6 minute read time

What the download numbers tell us about the impact of the critical vulnerability CVE-2021-44228
Read More...

Critical New 0-day Vulnerability in Popular Log4j Library Discovered  with Evidence of Mass Scanning for Affected Applications - Latest updates

By Ilkka Turunen on December 10, 2021 vulnerabilities

7 minute read time

A serious 0-day Remote Code Execution exploit in log4j, the most popular java logging framework, was discovered today. Immediate action is needed from software maintainers.
Read More...

The Central Repository Stands to Support Sailors from Bintray - 3 steps to take now to protect your builds from failing

By Ilkka Turunen on February 08, 2021 The Central Repository

8 minute read time

We've created a practical guide for Bintray users migrating to the Central Repository to follow and ensure that use and distribution of open source components continues smoothly.
Read More...

What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository

By Ilkka Turunen on February 08, 2021 The Central Repository

10 minute read time

A step-by-step guide publishers can follow to easily migrate from Bintray/JCenter to The Central Repository
Read More...