Hey everyone, I have been presented with a problem that I cannot imagine is unique - and I hope that someone out there can point me in the right direction!
I am responsible for an application deployed in a JBoss environment where we use a number of 3rd party libraries - obviously the JBoss stuff, plus Spring, Hibernate, Castor, commons-*, and a couple of dozen other jars. At one of our customers their IS team has turned around and presented us with a security schedule, mapping types of vulnerability to various categories. They are fairly...aggressive...in their expectations in updating components that have problems. I would like to be able to stay (at least) one step ahead of them and actively monitor for announcements of problems and fixes. Is anyone aware of any tools/services out there that would let us say which tool/ library we are interested in and get regular notifications of problems? Like I say - I can't imagine this is unique. In a bigger organisation I'm sure we'd have our own team to do this monitoring, but we are a relatively small company and given the number of libraries out there we make use of (often transitively, making things more complex) this would soak up a vast amount of resources. Thanks... Camden -- You received this message because you are subscribed to the Google Groups "The Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
