Most of the Fortune 100 still use flawed software that led to the Equifax breach

Almost two years after Equifax’s massive hack, the majority of Fortune 500 companies still aren’t learning the lessons of using vulnerable software. In the last six months of 2018, two-thirds of the Fortune 500 companies downloaded a vulnerable version of Apache Struts, the same vulnerable server software that was used by hackers to steal the […]


Sonatype raises $80 million to build out Nexus platform

Sonatype, a cybersecurity-focused open-source company, has raised $80 million from investment firm TPG. The company said the financing will help extend its Nexus platform, which it touts as an enterprise-ready repository manager and library that, among other things, tracks code and helps to keep everything in the devops pipeline up-to-date and secure. It’s that […]


Sonatype offers developers free security scan tool on GitHub

Sonatype helps enterprises identify and remediate vulnerabilities in open source library dependencies and release more secure code. Today, they announced a free tool called DepShield that offers a basic level of protection for GitHub developers. The product is actually two parts. For starters, Sonatype has a database of open source dependency vulnerabilities called OSS Index. […]
