What you should know about the latest Struts2 Vulnerability (video and podcast)

September 08, 2017 By Mark Miller

1 minute read time

UPDATE:  On Friday, September 8th, the massive breach of 143 million consumer records at Equifax was directly tied to Struts2.  

With the multiple announcements this week about struts2 vulnerabilites, we spoke with Brian Fox, CTO of Sonatype and Matt Konda, Chair, OWASP Board of Directors about what the specifics of the announcement cover and what you can do to find and protect your applications from those vulnerabilites.

The interview is in two formats. You can listen to the OWASP 24/7 Podcast, or you can view the interview below.


Tags: OSS governance, devsecops, Apache Struts2, struts2, known vulnerability

Written by Mark Miller

Mark Miller serves as the Senior Storyteller and DevOps Advocate at Sonatype. He speaks and writes extensively on DevSecOps and Security, hosting panel discussions, podcasts, and webinars on tools and processes within the Software Supply Chain.