Many of my friends and most of my family struggle to understand what it is Sonatype does and therefore what I do all day.
We help companies develop more secure software by choosing better components (building blocks of the software...like parts in your car). Many public attacks that people try to think of when I say that are often unrelated. Except this one.
The Equifax attack occurred in a known vulnerable component that was fixed and announced months before the attack. We help our customers know what components they are using, in which applications, and when these vulnerabilities are announced, so they can fix them quickly.
So, if you want to know what we're doing all day... we're trying to help companies avoid more attacks like this. On your banks. On your government. On your infrastructure. Software is everywhere, this is the new reality. Companies must assume bugs will happen, it's how you respond (or don't) that ultimately matters.
.jpg)
