Product

Products
Vulnerability Management
Automatically find and fix open source vulnerabilities in dependencies, source files local open source assets
License Compliance Management
Accurate license detection in dependencies and source code with automated source code attribution
Supply Chain Risk & Quality
Open source supply chain risk and quality data detects anomalies that put your company at risk. We automatically alert and gate threatening components
Embedded Open Source Detection
Up to 15% of your software is made from embedded open source. We can detect, report and automatically annotate your source files to ensure compliance

Services
Mergers & Acquisitions + Audits
Quick, comprehensive, and accurate open source license and vulnerability audit with actionable data and automated license annotation.
Resources

Blog Integrations & Language Support
Company

About us
Pricing
Contact

Threatrix Blog

Enterprise open source security & compliance

Category: cyber attack

The FTC Will Pursue Companies Not Patching Log4j to Protect Customer Data

Post author By Kristen Bianchi
Post date December 22, 2021
No Comments on The FTC Will Pursue Companies Not Patching Log4j to Protect Customer Data

Log4Shell exploits are present in 17,000 unpatched Log4J packages in the Maven Central ecosystem, posing a significant supply-chain risk. Google security estimates that approximately 17,000 Java packages in the Maven Central repository are vulnerable to Log4j – and that it will take “years” for it to be fixed across the ecosystem. The Log4j bug impacts […]

Tags #log4j, #opensourcesecurity

compliance cyber attack cybersecurity Open Source

Information Security Training Should Be Top Priority

Post author By Kristen Bianchi
Post date April 8, 2021
No Comments on Information Security Training Should Be Top Priority

The pressures of being a CISO are extensive and extend well past concerns of incident response time. There are pressures of maintaining budgets, reporting improved performance to stock-holders, and when the breadth and number of cyberattacks are increasing, the challenges to find qualified prospects to fill a considerable number of unfilled positions. Where does cybersecurity […]

cyber attack cybersecurity Open Source

Developers Be Aware of Open Source Attacks

Post author By Kristen Bianchi
Post date March 29, 2021
No Comments on Developers Be Aware of Open Source Attacks

Open source is systematically being attacked on the infrastructure used to distribute code. In a few years, we’ve experienced attacks on pre-existing vulnerabilities occurring months after a disclosure down to a few days. Attackers now directly hijack the publisher’s credentials and distribute malicious components.This worrisome trend requires enterprises to have in-depth knowledge of what open […]

cyber attack

IT Contractor Sentenced to 2 Years in Prison for Retaliatory Cyber Attack

Post author By Kristen Bianchi
Post date March 24, 2021
No Comments on IT Contractor Sentenced to 2 Years in Prison for Retaliatory Cyber Attack

Deepanshu Kher, an IT contractor who was caught hacking into a Carlsbad companies server was sentenced to two years in prison. He was found guilty of deleting over 1200 of its 1500 Microsoft 0365 user accounts. He was retaliating for being fired from the IT consulting firm that was assisting an unidentified company with its […]