Many of my friends and most of my family struggle to understand what it is Sonatype does and therefore what I do all day.
We help companies develop more secure software by choosing better components (the building blocks of the software, like the parts in your car). Many of the public attacks people think of when I say that are unrelated. Except this one.
The Equifax attack targeted a known vulnerable component that had been fixed and announced months before the attack. We help our customers know what components they are using, in which applications, and when these vulnerabilities are announced, so they can fix them quickly.
So, if you want to know what we're doing all day... we're trying to help companies avoid more attacks like this. On your banks. On your government. On your infrastructure. Software is everywhere; this is the new reality. Companies must assume bugs will happen; it's how you respond (or don't) that ultimately matters.
Brian Fox, CTO and co-founder of Sonatype, is a Governing Board Member for the Open Source Security Foundation (OpenSSF), a Governing Board Member for the Fintech Open Source Foundation (FINOS), a member of the Monetary Authority of Singapore Cyber and Technology Resilience Experts (CTREX) Panel, a ...