Critical New 0-day Vulnerability in Popular Log4j Library Discovered | Read Blog

FTC Warning in Wake of Log4j: Secure Your Software Supply Chain

By Andrew Yorra on January 06, 2022 legal
Not addressing Log4shell issues are looking at more than downtime or reputation damage. U.S. regulators are considering lawsuits to enforce security.
Read More...

What to Consider When Crafting Your OSS Policy

By Filipp Kofman on July 15, 2021 legal
Building a plan for using open source software in your company means less confusion and risk. A look at some of the necessities and ideals in handling freely available code.
Read More...

Legal at DevOps Speed

By Derek Weeks on April 07, 2015 Sonatype Nexus

Paul is not part of our development team, he doesn’t want to be, and he certainly does not slow them down. But with that said, Paul knows how to work at DevOps speed. He knows legal reviews need to

Read More...