Twitter | Search | |
Jeremy Long
builder, infosec, SCA and SAST enthusiast, blue team.
1,002
Tweets
167
Following
559
Followers
Tweets
Jeremy Long retweeted
Steve Springett Sep 20
On Friday October 12th from 11:00 - 11:30 at AppSec USA, I'll be presenting . Come check it out. I’m almost certain you'll walk away with some valuable information and perhaps some new approaches for addressing open source risk.
Reply Retweet Like
Jeremy Long retweeted
OWASP NoVA Sep 20
Are you a fan of Gauntlt? The tool's creator, James Wicket is coming to to give a talk on DevSecOps.
Reply Retweet Like
Jeremy Long retweeted
Dependabot Sep 20
If your using Dependabot with Maven you can expect a couple of extra PRs from us tomorrow morning - just schooled us on handling plugins that use the default Maven groupID. Open source works! 🙏🤖
Reply Retweet Like
Jeremy Long Sep 20
Replying to @frgx @bsterne
Even better is powershell...
Reply Retweet Like
Jeremy Long Sep 11
We like our technical debt large?
Reply Retweet Like
Jeremy Long retweeted
Jeff Williams Sep 7
Contrast's new attack surface analysis is awesome. Discovers routes you didn't even know existed. Details how URLs connect to your code. . Yours free in
Reply Retweet Like
Jeremy Long retweeted
Tanya Janca Sep 7
My friend just sent me the most AMAZING thing: . It's like Retire.JS, but for .Net! It checks your apps for known vulnerable dependencies. I can't WAIT to add this to the pipeline! Thank you: !
Reply Retweet Like
Jeremy Long retweeted
Steve Springett Sep 6
It’s been a few months since the last release but super excited about this one. Lots of goodies in here.
Reply Retweet Like
Jeremy Long retweeted
Steve Springett Sep 5
I’m looking for a new maintainer of the Dependency-Check plugin. I no longer use SonarQube and the project could benefit from someone who does. Details if interested:
Reply Retweet Like
Jeremy Long retweeted
ToolsWatch Sep 3
Update your vulnerability database. The vFeed Community Edition 09022018 is out. 1900+ new CVEs added and hundred of third party references correlated (exploits, patches, scanning signatures, IDS rules, open standards etc)
Reply Retweet Like
Jeremy Long retweeted
ToolsWatch Sep 2
This is how Professional Vulnerability & Threat Database tackles the recent vulnerability in Apache Struts 2 CVE-2018-11776 : How to patch, to measure, to test, to detect and to exploit. All indicators in 1 JSON file !!!!
Reply Retweet Like
Jeremy Long retweeted
Jim Manico Sep 1
My younger brother Michael Manico is posting some really interesting articles on cloud administration, Azure and more at Please RT the heck out of this for my brother!
Reply Retweet Like
Jeremy Long retweeted
Dependabot Aug 31
Vulnerability in rubyzip disclosed less than an hour ago. Dependabot has already created over 250 PRs to migrate users to the new, patched version.
Reply Retweet Like
Jeremy Long retweeted
Bruno Borges Aug 30
Go install `bat` right now. $ brew install bat It is like `cat`, but with wings.
Reply Retweet Like
Jeremy Long Aug 30
I talked, briefly, about doing similar protection using the Maven Shade Plugin as part of a talk I gave
Reply Retweet Like
Jeremy Long Aug 30
Even more reasons to use dependabot! I've said many times the future of SCA is going to be automated updates - fantastic work to both and !
Reply Retweet Like
Jeremy Long Aug 30
This awesome!
Reply Retweet Like
Jeremy Long retweeted
Ujjwal Sharma Aug 17
When a subway station is a better programmer than you are...
Reply Retweet Like
Jeremy Long retweeted
Aaron Patterson Aug 9
Microservices are great for turning method calls in to distributed computing problems
Reply Retweet Like
Jeremy Long retweeted
Milton Smith ☠ Aug 4
If you replace the “W” in Where, What, and When with a “T”, you answer the question. (via twitter ) < clever deep thinker
Reply Retweet Like