By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

PreferencesRejectAccept
Manage Consent Preferences by Category
Essentials
Always active

Necessary for the site to function. Always On.

Used for targeted advertising.

Remembers your preferences and provides enhanced features.

Measures usage and improves your experience.

Reject AllAccept All
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Featured Posts

Angular 18 Has Officially Reached Full End-of-Life — What That Means for Your App Today
Products
Nov 24, 2025
Angular 18 Has Officially Reached Full End-of-Life — What That Means for Your App Today
Angular 18 just entered the danger zone. Here’s what that means for your security, your roadmap, and how to stay protected without rushing a rewrite.
Why Modern Java Broke Struts — and How to Keep Your Apps Running on Today’s Servers
Products
Nov 20, 2025
Why Modern Java Broke Struts — and How to Keep Your Apps Running on Today’s Servers
The javax → jakarta shift broke backward compatibility for every Struts 1.3 and 2.x application. Here’s how to modernize safely without a rewrite.
The Transitive Dependency Dilemma: Choices to Make When Projects Evolve at Different Speeds
Security
Nov 18, 2025
The Transitive Dependency Dilemma: Choices to Make When Projects Evolve at Different Speeds
Why you should think about stability as well as security when CVE's show up in transitive dependencies

All Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Security
Press Release
Products
Thought Leadership
Products
Nov 24, 2025
Angular 18 Has Officially Reached Full End-of-Life — What That Means for Your App Today
Angular 18 just entered the danger zone. Here’s what that means for your security, your roadmap, and how to stay protected without rushing a rewrite.
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
angular-18-has-officially-reached-full-end-of-life----what-that-means-for-your-app-today
Products
Nov 20, 2025
Why Modern Java Broke Struts — and How to Keep Your Apps Running on Today’s Servers
The javax → jakarta shift broke backward compatibility for every Struts 1.3 and 2.x application. Here’s how to modernize safely without a rewrite.
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
why-modern-java-broke-struts----and-how-to-keep-your-apps-running-on-todays-servers
Security
Nov 18, 2025
The Transitive Dependency Dilemma: Choices to Make When Projects Evolve at Different Speeds
Why you should think about stability as well as security when CVE's show up in transitive dependencies
Bob McNees
Bob McNees
Share this post via:
herodevs.com/blog-posts/
the-transitive-dependency-trap-how-safe-cve-fixes-break-your-java-apps
Thought Leadership
Nov 17, 2025
The Open Source Supply Chain Is Maturing—But Support Still Lags Behind
Visibility isn’t enough—true open source security requires ongoing support. HeroDevs closes the lifecycle gap by delivering SLA-backed patches and compliance-ready updates for EOL components across your stack.
Parin Shah
Parin Shah
Share this post via:
herodevs.com/blog-posts/
the-open-source-supply-chain-is-maturing--but-support-still-lags-behind
Security
Nov 13, 2025
Apache Tomcat October 2025 Vulnerabilities: What You Need to Know
CVE-2025-55752 | CVE-2025-55754 | CVE-2025-61795
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
apache-tomcat-october-2025-vulnerabilities-what-you-need-to-know
Thought Leadership
Nov 12, 2025
When AI Models Depend on Unsupported Code: A New Risk for ML and Data Teams
Why unsupported open-source libraries pose hidden risks for modern AI, ML, and data teams—and how long-term support keeps models secure.
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
when-ai-models-depend-on-unsupported-code-a-new-risk-for-ml-and-data-teams
Security
Nov 11, 2025
A Practical Decisionmakers Guide To Responding to CVE-2025-55315
What CTOs, CISOs, and DevSecOps Pros Need to Know About CVE-2025-55315
Hayden Barnes
Hayden Barnes
Share this post via:
herodevs.com/blog-posts/
a-practical-decisionmakers-guide-to-responding-to-cve-2025-55315
Security
Nov 10, 2025
Tomcat CVE Roundup: 3 New Vulnerabilities You Can’t Ignore
October 2025 Apache Tomcat Vulnerabilities: CVE-2025-55752, CVE-2025-55754 & CVE-2025-61795 | HeroDevs NES for Tomcat
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
tomcat-cve-roundup-3-new-vulnerabilities-you-cant-ignore
Thought Leadership
Nov 6, 2025
A Love Letter to FastAPI: Why Thoughtful Framework Design Matters
Reflections from a developer who supports end-of-life systems — and why FastAPI’s balance of speed, stability, and care sets a new standard for modern frameworks.
Allison Vorthmann
Allison Vorthmann
Share this post via:
herodevs.com/blog-posts/
a-love-letter-to-fastapi-why-thoughtful-framework-design-matters
Security
Nov 5, 2025
FAQ about CVE-2025-55315, the 9.9-rated CVE in ASP.NET Core
Everything you need to know about CVE-2025-55315 — the 9.9-rated HTTP request smuggling and security bypass vulnerability impacting ASP.NET Core and Kestrel.
Hayden Barnes
Hayden Barnes
Share this post via:
herodevs.com/blog-posts/
faq-about-cve-2025-55315-the-9-9-rated-cve-in-asp-net-core
Thought Leadership
Nov 4, 2025
The Dependency Boom: How AI Is Inflating Open Source Use
AI coding tools are revolutionizing software development — but they’re also flooding codebases with untracked dependencies, outdated libraries, and long-term security debt.
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
the-dependency-boom-how-ai-is-inflating-open-source-use
Security
Nov 3, 2025
Python 3.9 Reaches End-of-Life: What It Means for You
The Python Software Foundation has officially ended support for 3.9—ending security fixes, performance updates, and ecosystem compatibility.
HeroDevs
HeroDevs
Share this post via:
herodevs.com/blog-posts/
python-3-9-reaches-end-of-life-what-it-means-for-you
Thought Leadership
Oct 29, 2025
Why Internal Patching Strategies Break Down in Year Two
Why internal forks and self-patched open source components crumble under their own weight after year one—and how HeroDevs’ Never-Ending Support (NES) keeps your stack secure, compliant, and sustainable.
Parin Shah
Parin Shah
Share this post via:
herodevs.com/blog-posts/
why-internal-patching-strategies-break-down-in-year-two
Press Release
Oct 27, 2025
Webtide and HeroDevs Join Forces to Offer Enterprise-Grade Support for Jetty and CometD
HeroDevs partners with Webtide to offer Never-Ending Support, extending security and compliance to businesses using end-of-life Jetty & CometD versions.
Taylor Corbett
Taylor Corbett
Share this post via:
herodevs.com/blog-posts/
webtide-and-herodevs-join-forces-to-offer-enterprise-grade-support-for-jetty-and-cometd
Thought Leadership
Oct 27, 2025
The Economics of Ignoring End-of-Life Software: A Real Cost Breakdown
Ignoring end-of-life software doesn’t save money—it quietly drains it. Here’s what unsupported OSS really costs in security, compliance, and engineering hours.
Parin Shah
Parin Shah
Share this post via:
herodevs.com/blog-posts/
the-economics-of-ignoring-end-of-life-software-a-real-cost-breakdown