@tomitribe profile picture
Tomitribe @tomitribe

A proud #OpenSource supporter: @TheASF: #ActiveMQ #Tomcat @ApacheTomEE. @MicroProfileIO @JakartaEE

Joined October 2012
  • Tweets 2,818
  • Following 366
  • Followers 3,119
794 Photos and videos
Open source isn’t the issue. Reacting too late is. If security only starts after a CVE is disclosed, you’re already behind. Plan ahead, don’t catch up. buff.ly/yVYOTOY #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
88
CVE-2026-24733 is an #ApacheTomcat vulnerability tied to HTTP/0.9, but its impact isn’t always clear. We’re live tomorrow. Don’t miss it. Join Jon, Cesar, and David as they break down risk and exposure. 📅 Apr 22 at 10AM PT bit.ly/3Qep1KC
1
202
CVE-2026-24733 is an #ApacheTomcat vulnerability tied to HTTP/0.9, but its impact isn’t always clear. Join our team live to break down risk and exposure. Also covering: - CVE-2026-24734 - CVE-2025-66614 📅 Apr 22 at 10AM PT Save your spot: bit.ly/3Qep1KC
1
405
Open source isn’t the risk. A reactive security model is. If you are only responding after CVEs are disclosed, you are already behind. Guide: bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
1
1
102
Release plans follow features. Security follows risk. Enterprise support delivers critical fixes to your current version — no full upgrade required. Guide: bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
1
1
100
Feature releases follow a roadmap. Security doesn’t. Enterprise support bridges the gap — delivering targeted security fixes without forcing a full upgrade. Guide: bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
69
The ultimate threat is the zero-day. No disclosure. No patch. No fix. If you’re targeted, your team is alone in live incident response. The Survival Guide: bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
110
Open source runs on shared contribution — not guaranteed support. When a CVE appears, your team becomes the maintainer unless you have commercial backing. That’s the hidden operational cost. The Survival Guide: buff.ly/RSD4Io4 #OpenSource #OSSSecurity #SoftwareLifecycle
1
1
161
Open source runs on shared contribution – not guaranteed support. When a CVE hits, your team becomes the maintainer unless you have commercial backing. That’s the hidden cost. The Survival Guide bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
1
2
156
Most open source projects come with no warranty or contractual obligation to fix security issues. When vulnerabilities impact production, responsibility usually sits with the organization using it—not the project. That gap changes your risk model. Guide bit.ly/49VyZbi
1
1
127
Most open source comes with no warranty. No SLA. No obligation to fix security issues. If you're running it in production, that’s a risk. Our guide explains what this means and how to prepare: bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
1
1
109
Open source risk rarely shows up at install time. It shows up later—when versions age, patches lag, and security vulnerabilities surface. Lifecycle planning matters. bit.ly/49VyZbi #OpenSource #OSSSecurity #SoftwareLifecycle
2
1
210
Open source isn’t “set and forget.” Lifecycle challenges often appear later— security vulnerabilities, or when using older versions that are no longer maintained. Full guide: bit.ly/49VyZbi #OpenSource #OSSSecurity #RiskManagement #SoftwareLifecycle
1
205
⏰ Tomorrow: Breaking Tomcat (Live) Watch real-world exploitation of recent Tomcat CVEs—and learn how to lock down production systems. 🗓 Jan 28 | 10:00 AM PST 👉 Last chance to register: bit.ly/3NrI9Ua #ApacheTomcat #JavaSecurity #DevSecOps
0:06
2
3
674
🚨 Breaking Tomcat (Live Demo – Round 2) See how real attackers exploit Apache Tomcat—and how to stop them. ✅ Live CVE exploitation ✅ Common misconfig & patch gaps ✅ Practical hardening steps 🗓 Jan 28 | 10:00 AM PST 👉 bit.ly/3NrI9Ua #ApacheTomcat #JavaSecurity
0:05
1
488
Becoming an Open Source contributor doesn’t happen overnight. Apache TomEE committer (and Tomitribe friend) Daniel Dias shares his journey and tips for getting started. 👉 bit.ly/3Nu1YKp #OpenSource #ApacheTomEE
1
350
Tomitribe@tomitribe
30 Dec 2025
Thank you for trusting Tomitribe with your mission-critical systems this year. In 2026, we’ll continue delivering the enterprise-grade support & security your teams rely on every day. Happy New Year from all of us at Tomitribe #OpenSource #TomEE #Tomcat #ActiveMQ #EnterpriseJava
0:10
3
5
478
Tomitribe@tomitribe
10 Dec 2025
¡Partes 1 y 2 ya disponibles! Aprende de la mano de Carlos Chacín @cchacin la creación de aplicaciones con @MicroProfileio 6.1 Java 25 en #ApacheTomEE con ejemplos reales y funcionales cubriendo varias de las especificaciones principales. Parte 1 buff.ly/M6hsIeN
3
4
510
Tomitribe@tomitribe
9 Dec 2025
🚨 Tomorrow, we break Tomcat — live Join us as we exploit real Tomcat CVEs, then walk through the fixes hardening steps — live demo Q&A. Can’t make it? Register anyway, & we’ll email the recording. Register now → bit.ly/48hxhic #ApacheTomcat #Security #CVE #Java
0:05
1
1
258
Tomitribe@tomitribe
4 Dec 2025
Even trusted software can turn risky fast. 🛠️ Breaking Tomcat — LIVE demo We’ll exploit real Tomcat CVEs live, explain how attackers use them, and share practical hardening steps. 📅 Dec 10 • 10am PST 🎥 Crowdcast 👉 Join live: bit.ly/48hxhic #Tomcat #opensource
0:05
1
520
Load more