One in Six Developers in Healthcare Report Open Source Breaches | Press Release
blog-logo Sonatype Blog

RESOURCES

Content

Sonatype Partners

Community

Upcoming Events

SON_Display_Improve_Security_250x360@2x

Featured Article

Nexus Intelligence Insights:CVE-2020-13935 - Apache Tomcat Websocket - Denial of Service (DoS)

By Akshay 'Ax' Sharma on July 29, 2020 vulnerabilities

July’s Nexus Intelligence Insight takes a deep dive into a Denial of Service (DoS) vulnerability impacting the popular Apache Tomcat Websocket component.

Read More...

SHARE:

Filter by:
Slide9.png
READ MORE

Struts2 Breach at Equifax was 100% Preventable. Here's how.

By Ilkka Turunen on September 20, 2017 Nexus Lifecycle
The breach at Equifax is a siren call for organizations to approach the problem of managing open source software by using automated technology.
Read More...
ASF - 700 x 700.png
READ MORE

Security Processes at the Apache Software Foundation (video and podcast)

By Mark Miller on September 15, 2017 Struts
In our continuing series on the Struts2 vulnerability announcement and the breach at Equifax, we spoke with Mark Thomas, Director, Apache Software Foundation
Read More...
iStock-502159069-1.jpg
READ MORE

A Struts2 Vulnerability Hurricane: Deserialization

By Derek Weeks on September 06, 2017 Struts
Attackers are widely exploiting a new vulnerability in Apache Struts2 that allows them to remotely execute malicious code on web servers.
Read More...
READ MORE

The 2014 Survey: Marked by an Industry Shock Wave

Wow! What an amazing turnout we had for our 4th annual survey: 3,353 participants this year brings us to over 11,000 participants in the four years we’ve run this survey. I would like to extend a BIG

Read More...
READ MORE

Walking in the Open Source Component Garden

Its not everyday I can stop to enjoy my afternoon tea outside on my deck, overlooking my garden. But today I did and while admiring my beautiful blooming flowers, I started to draw some parallels

Read More...
READ MORE

5 Things You Need to Know About Open Source Components

You can't get away from it. Thousands of open source components are being used in every industry, every day, to quickly build and deploy applications. For those not in the security industry, it's

Read More...
READ MORE

4 Open Source Components You Need to Update Right Now

Heartbleed has put the security community on notice: it is time to take a harder look at the security status of open source components and frameworks. After doing a little industry research on

Read More...
READ MORE

Important: Apache Struts Framework Security Alert

By Derek Weeks on August 13, 2013 Sonatype Says
Important: Apache Struts Framework Security Alert
Read More...
Twitter LinkedIn Facebook Instagram YouTube GitHub
Products
Security Research
Solutions
Resources
About
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Sydney, NSW 2000, Australia 
London Office - 168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy