Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Security Processes at the Apache Software Foundation [Video/Podcast]

DZone's Guide to

Security Processes at the Apache Software Foundation [Video/Podcast]

In this video, two security experts discuss the vulnerability found recently in Apache Struts 2 that played a role in the Equifax breach.

· Security Zone
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

In our continuing series on the Struts2 vulnerability announcement and the breach at Equifax, we spoke with Mark Thomas, Director, Apache Software Foundation, and Brian Fox, CTO, Sonatype to clarify the processes ASF goes through when a vulnerability is found within one of their projects.

If you don't have access to YouTube, you can listen to the podcast.


About Mark Thomas
Mark is currently employed by Pivotal where he spends most of his time working on Apache Tomcat. At the Apache Software Foundation, Mark is a committer and PMC member for Apache Tomcat as well as other projects. At the foundation level, he is an ASF member, a member of the security and trademarks committees, is an infrastructure volunteer and a Director. Mark speaks regularly on Apache Tomcat including at ApacheCon.

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

Topics:
security ,equifax ,data security ,struts 2 ,apache

Published at DZone with permission of Mark Miller, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}