Date: May 1st at 12:00PM EDT / 9:00AM PDT
Popular websites and millions of Internet users scrambled to update software and change passwords Wednesday, after a security bug in crucial encryption code was disclosed sooner than researchers had planned.
Facebook Inc. and Yahoo Inc.'s blogging site Tumblr advised users to change their passwords because of the so-called Heartbleed bug. Canada's tax agency shut its filing website as a precaution, weeks before its April 30 filing deadline.
Websites for Airbnb Inc., the Four Seasons hotel chain and Netflix Inc. were vulnerable for a time, said Wayne Jackson, CEO of Sonatype Inc., which manages open-source software. Airbnb and Netflix said they had updated their software. Four Seasons didn't immediately respond to a request for comment.
Security researchers have uncovered a fatal flaw in a key safety feature for surfing the Web – the one that keeps your email, banking, shopping, passwords and communications private.
Date: May 22, 2014
Time: 6:00 PM EDT
Join Ryan Berg as he shares real world data on component risks, outlines the scope of the problem, and proposes approaches for managing these risks. You'll learn how security professionals can work cooperatively with application developers to reduce risk AND boost developer efficiency.
In December of 2013, the FS-ISAC Third Party Software Security Working Group released new controls to manage risk associated with open source libraries and components.
These controls recommend financial institutions apply policy management and enforcement as well as inventory management for open source libraries and components used in their application portfolio. To learn more about best practices for managing risk from 3rd party software and open source components, stop by our booth.
Software development is increasingly being typified by a componentized approach. A single application might consist of code and component modules from a multitude of different sources. While this increases agility and allows developers to truly utilize best of breed aspects of the application, it also creates a minefield of security issues.
SAN FRANCISCO, CA – February 24, 2014 Sonatype, the software company that enables developers to rapidly build secure software while also eliminating compliance and licensing risk, today announced that its component lifecycle management (CLM) analysis technology has been integrated with HP’s cloud-based software security solution – HP Fortify on Demand.