Log4j
Critical remote code execution vulnerability affecting Apache Log4j, widely used to log security and performance information. This enabled attackers to easily steal data or take control of systems via the internet.
Software Supply Chain Risks are Evolving
Make sure your security program stays one step ahead.
Our open-source security experts will help you identify your unique risk areas, and provide customized next steps to enhance the security of your open-source pipeline.
Book Free Security ConsultationAttacks are on the Rise
Dec 2021
Jul 2021
Kaseya
A ransomware group exploited a vulnerability in software platform Kaseya, enabling a ransomware attack against thousands of companies.
Apr 2021
CodeCov
Due to an error in Codecov’s Docker image creation process, attackers were able to access a credential and ultimately steal sensitive information from Codecov customers.
Dec 2020
SolarWinds
Attackers gained access to SolarWinds development infrastructure, injecting malicious code into its Orion product. Up to 18,000 SolarWinds customers were left vulnerable, including Fortune 500 companies and several US agencies.
Regulatory Requirements are Changing
In May 2021, President Joe Biden signed an executive order mandating changes for companies that do business with the federal government to how they secure their software.
In March 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act, creating new reporting obligations for owners and operators of critical infrastructure.
Anaconda Can Help
Anaconda is rooted in the open-source ecosystem, and has deep expertise in addressing critical vulnerabilities found in open-source software. For a limited time, Anaconda is offering free 30-minute security consultations. These expert-led consultations will help you identify risks in your software supply chain, learn best practices to address those risks, and ensure you’re prepared to meet changing regulatory requirements.
Book Free Security ConsultationMeet Our Open-Source Security Experts
Hassam MianHassam is Anaconda’s lead Senior Sales Engineer. With a deep background in open-source technologies and vendor applications in the enterprise data science space, Hassam helps commercial clients across all industries implement and adopt best practices for open-source governance and vulnerability management.
Fara ManjiliFara is a Sales Engineer at Anaconda. With over 15 years of experience across technical and strategic roles including Solution Architect, Sales Engineer, Implementation, and Project Management, Fara helps commercial clients securely leverage open-source tools.
Frank YangFrank is Anaconda’s Senior Technical Account Manager. With a wealth of experience designing and implementing solutions for some of the world’s largest financial institutions, Frank helps organizations leverage open-source software to execute high-value initiatives without compromising on security and governance.
Security Insights you Can Trust
Top companies trust Anaconda to help secure their open-source pipelines
