Focusing on delivering maximum security & customer value, Christopher is dedicated to redefining Open Source Software vulnerability disclosure & management processes. Multiple years of experience within large financial and private sector security roles, Christopher has developed both security leadership and expertise in the areas of application security, incident response & strategic research planning, including the adoption and effective implementation of Open Source software.
During our CVE-2018-11776 research, after building 115 versions of Apache Struts, we had to address the challenges of recreating the execution environments.
Posted in Software Security Research | Comments Off on Apache Struts research at scale, Part 2: Execution environments
When our research findings from CVE-2018-11776 prompted us to research other vulnerabilities, the first step was building 115 versions of Apache Struts.
Posted in Software Security Research | Comments Off on Apache Struts research at scale, Part 1: Building 115 versions of Struts
Apache published details of CVE-2017-12611, the fourth critical Apache Struts remote code execution vulnerability in 2017, the day Equifax announced the breach.
Posted in Data Breach Security, Open Source Security, Software Architecture & Design | Comments Off on Examining Apache Struts remote code execution vulnerabilities
