Category Archives: Everything Open Source

Chevy and DevOps: What the Wi-Fi?


February 4, 2015 By
Derek Weeks
man sitting in a car and touch play finger in a auto smart system

I’m sure you saw it too. During the Super Bowl, Chevy Trucks announced that they were adding 4G LTE wi-fi. How cool. I want that (and so would my kids). I can only imagine the possibilities. But, this is not all about my needs. Chevy and every other vehicle maker wants this too. And not for the reasons that you might first consider. Quickly, let me introduce you to the recalls of today..

Continue reading...

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management


December 16, 2014 By
Wayne Jackson
royce

  On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management and Transparency Act of 2014.” The legislation will ensure all contractors of software, firmware or products to the federal government provide the procuring agency with a bill of materials of all third […]

Continue reading...

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management


December 8, 2014 By
Wayne Jackson
Cyber space with hexadecimal code as digital background

On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management and Transparency Act of 2014.” The legislation will ensure all contractors of software, firmware or products to the federal government provide the procuring agency with a bill of materials of all third party and open source components […]

Continue reading...

Code, Cars, and Congress: A Time for Cyber Supply Chain Management


December 5, 2014 By
Wayne Jackson
Cyber Supply Chain Management and Transparency Act of 2014

On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management and Transparency Act of 2014.” The legislation will ensure all contractors of software, firmware or products to the federal government provide the procuring agency with a bill of materials of all third party […]

Continue reading...

Rubyists Rejoice – Nexus Supports RubyGem Repositories


December 2, 2014 By
Brian Fox
Very high resolution 3d rendering of a ruby isolated over white.

We have done it again! Our Nexus development team has been busy this fall.  With Nexus 2.9 in September, we introduced NuGet support for Nexus Open Source.  In October Nexus 2.10 introduced npm support for all Nexus editions.  And now with Nexus 2.11, we are adding Ruby Gem Repository support! We are happy to announce […]

Continue reading...

Talking Turkey in Texas: Open Source Governance Lags


November 25, 2014 By
Derek Weeks
Whole Homemade Thanksgiving Turkey with All the Sides

Deep in the heart of Texas, I was leading a panel discussion at the Lone Star Application Security Conference (LASCON) a few weeks ago.  The panel was “talking turkey” the importance of application security and open source software development, when the conversation led to a discussion about software supply chains. One of the panelists remarked […]

Continue reading...

42,000 Nexus Repository Managers, and Growing!


November 19, 2014 By
Derek Weeks
Nexus Artifactory Archiva

[Editor’s Note: An update to this article is now available.  As of February 2015, active Nexus instances have reached 50,000.  For more information, please see the new blog post at: http://blog.sonatype.com/2015/02/nexus-reaches-50000/#.VPTXZEuf96k] Over the past 15 months, active Nexus instances have grown from 21,000 to 42,000.  Wowza.   That is news worth sharing, because you made it […]

Continue reading...

Nigel’s Wake-up Call: Scaling Open Source Governance


November 3, 2014 By
Derek Weeks
Portrait of a surprised young man wearing eyeglasses

The Wake-up Call They had downloaded over 200,000 open source components in the past year.  And their open source policy…the one established to protect against license risks and security vulnerabilities?  It covered about 3% of them. This is how Nigel Simpson, Director of Architecture at a major media and entertainment company, described his organization’s “huge” […]

Continue reading...

Who is Nigel Simpson? (Lessons of Open Source Governance)


October 28, 2014 By
Derek Weeks
iStock_000032990414Small

If you are in the midst of creating (or even planning to implement) an Open Source Governance Policy for your organization, then you’ll want to get to know Nigel Simpson. Nigel has been leading an enterprise-wide working group with over 40 members — at a really big entertainment and media company — to define his […]

Continue reading...

Skeleton Key


September 19, 2014 By
Derek Weeks
old keys on a old book, antique wood background

A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of their conference was “think like a bad guy”. They introduced us to known hackers, their approaches to infiltrating organizations, and the trends in their behaviors. They also introduced us to the people who hunted down the hackers and successfully captured them.

Continue reading...