Equifax confirmed that their high profile, high impact data breach was due to an exploit of a vulnerability in an open source component, Apache Struts CVE-2017-5638. Apache Struts is a mainstream web framework, widely used by Fortune 100 companies in education, government, financial services, retail and media.
This breach highlights the need for visibility and control into the open source in use at organizations of all sizes. As the Equifax incident shows, open source security breaches can have devastating impacts for your users as well as your brand reputation, legal exposure, and revenue.
In this webinar, Black Duck open source security experts share their analysis of what happened at Equifax and provide you with guidance to help your company avoid being the next front page news story:
- Why should organizations prioritize open source vulnerability management?
- How could a known vulnerability like this go undetected for so long?
- What is CVE-2017-5638 in depth and how can hackers exploit it?
- How can you win the race against hackers and avoid risks from future vulnerabilities?