A Tale of Two Quakes
Derek Weeks, on August 30, 2016
U.S. Government pays closer attention to software components
Multiple agencies across the U.S. government are paying closer attention to the software they are buying. More specifically, they want to know what open source and third party components were used to build the software applications. The report notes:
Manfred Moser, on July 18, 2016
As a developer I am constantly chasing new tools and enjoy learning new things. I read a lot of blog posts, tutorials and documentation. And I listen to podcasts and attend webinars as well. More and more I find that watching videos of conference and webinar presentations is great. But even better are shorter, focused videos that give you a chance to quickly learn something new.
Samantha Mayhew, on July 12, 2016
I recently sat down for a spell with Bruce Mayhew, Director of Research and Development at Sonatype and co-author/project lead for OWASP WebGoat, to discuss his perspectives on the data revealed in this year's 2016 State of the Software Supply Chain Report. Here, he not only speaks about why the data within the report is so incredibly compelling, but also about how his team's research has come together in a way that surprises him, and might surprise you.
Our State of the Software Supply Chain Report has just been released. Over the past year, we’ve amassed a great deal of data with respect to the staggering volume and variety of open source components flowing through software supply chains into development environments. This year, we assessed behaviors across 3,000 organizations and performed deep analysis on over 25,000 applications.
Jeffry Hesse, on July 08, 2016
Nexus Repository 3.0 has hit the streets and continues to spur insightful discussions on where we're headed with the platform. We recently held a one hour demonstration where we had off the chart community engagement with interactive QA. If you missed the demonstration, watch the recording here.
The Innovator’s Journey to DevOps, is a series of interviews profiling individual DevOps practitioners who are transforming the way developers, IT operations, and security professionals collaborate to accelerate software innovation. These are real stories, by real people, explaining real world solutions to large scale DevOps initiatives.