To avoid becoming the victim of an attack launched through a middleware vulnerability, you should:

• Actively maintain a list of known dependencies and libraries in the applications you use
• Actively monitor the security of these applications, and mitigate risks as much as possible
• Insert a service-level agreement in contracts with software vendors for providing patches in a timely manner
• Routinely audit and review software dependencies and library use
• Ask software vendors for details on how they maintain and test their products

High