Insecure at Any Speed

By Mike Hansen on September 18, 2017 Open Source

5 minute read time

Because of the pervasive use of open source software and poor open source security practices, bad actors simply lie in wait for opportunity to knock.

Equifax and Struts: An Ounce of Prevention is Worth a Pound of Cure.

By Matt Howard on September 14, 2017 open source governance

3 minute read time

A $50 billion question is begged: what, if anything, could Equifax have done differently to prevent the Struts breach from happening?

Remediation at Scale: Lessons from PayPal for the Equifax Security Team

By Derek Weeks on September 13, 2017 devsecops

2 minute read time

PayPal lessons for the Equifax security team regarding the Struts2-related breach.

Sonatype Statement: Struts2 and Equifax Breach

By Matt Howard on September 11, 2017 Open Source

2 minute read time

Organizations like Equifax who leverage open source are responsible for practicing hygiene in a timely manner when fixes for vulnerabilities are available.