Tag Archives: heartbleed

Author, Beau Woods

Heartbleed, Shellshock, and Erosion of Third-Party Trust

TL;DR Today’s software inherently depends upon unreliable computer code. Devices that have the ability to impact public safety and human life should have a trust model based on assurance, not assumption. Our failure to manage the software supply chain undermines our ability to predict and manage effects of root cause issues like Shellshock and Heartbleed. A necessary

Author, Brian Fox

4 Open Source Components You Need to Update Right Now

Heartbleed has put the security community on notice: it is time to take a harder look at the security status of open source components and frameworks. After doing a little industry research on downloads from the (Maven) Central Repository, I’m sitting here with my jaw hanging open. Over 46 million Java-based open source components containing