Category Archives: Everything Open Source

Legos, Death Stars, and Millennium Falcons, Oh My


February 2, 2016 By Jeff Wayman

The Lego Death Star has about 1/10th of the parts of a Toyota; 3803 to be exact. If you’ve ever assembled the Lego Death Star, or anything Lego-related, you know having the right parts is critical. Even more impressive is what the group over at Titans Creations did. This group of Lego fans (known as My Own Creation[ers]) built a scale model (mini-figure scale) of the Millennium Falcon. Coming in at around 10,000 parts, it’s one of the more impressive, if not the most impressive, custom models to date.


Rugged DevOps: Solving Big Problems


January 27, 2016 By Derek Weeks

In part one of this series, “Rugged DevOps: Survival is Not Mandatory”, I shared news that 1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,000 components annually. These components are electively downloaded by development teams, often unaware of the vulnerabilities that come with them.


Rugged DevOps: Survival is Not Mandatory


January 25, 2016 By Derek Weeks

Deming, the patron saint of DevOps, once advised, “It is not necessary to change. Survival is not mandatory.” To survive, application development teams are constantly pressured to deliver software even faster. But fast is not enough. The best organizations realize that security, quality and integrity at velocity are mandatory for survival. Hence, DevOpsSec


What’s in Your Software


January 15, 2016 By Matt Howard

I can’t tell you how excited I am to be a part of the Sonatype team that is literally reinventing how quality software gets made. As the new guy leading marketing, my first test was to explain Sonatype to my mom. She’s a smart cookie — but she’s 82 years old — and doesn’t know very much about software.


Getting Rugged DevOps Right


December 3, 2015 By Derek Weeks

Two Perspectives: Jack, an accomplished application security pro, tells me, “The developers won’t talk to us. It’s like we speak a different language. They are releasing new builds so fast, how could they check each one for security vulnerabilities? We can’t move as fast as they do.” Then in the next moment, Diane, a DevOps […]


Software Supply Chains: DevOps Lessons Learned from Southwest Airlines


November 23, 2015 By Wayne Jackson

I was talking to a new business acquaintance the other day and had a really interesting exchange. It went something like this: Him: So, what does Sonatype do? Me: We work in the software development realm doing this new thing called Software Supply Chain Automation. Him: What does that mean? Me: Well, modern software is, […]


Did you wake up to an alert about the Java Deserialization vulnerability?


November 13, 2015 By Brian Fox

This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their inclusion of Apache commons-collection. If you have no idea what I’m talking about, stop now and go read this factual and un-sensationalized account of the situation. I’ll wait.


Please Containerize Your Excitement: Nexus 3 Milestone 5 Release


September 22, 2015 By Derek Weeks

We, on the Nexus team, are pleased to announce the arrival of the Nexus 3 Milestone 5 release! Our focus in this milestone release was hosting and proxying Docker registries, browsing and searching Docker images, and browsing components and assets that belong to any repository format. Docker format capabilities in Nexus 3 are brand new, and we are excited to have them going out into the wild so we can hear your feedback.


The Cost to DevOps: 27 Mufflers


July 16, 2015 By Derek Weeks

Imagine that you are designing the 2016 Range Rover line of sport utility vehicles. Like all gas-powered vehicles, each one needs an exhaust muffler. Range Rover likely has narrowed in on a preferred provider of mufflers. But imagine what would happen if the designers and factory line workers could pick from any one of 27 past versions of that muffler from their preferred provider for the new model year.
