If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket. That’s because for many DevOps-centric organizations, application security has historically be done somewhere else, by someone else, who is slow.
Another theme that arose often during our recent “DevOps: Wine-ing, Not Whining” event was the importance of software supply chains. Every software development organization has a software supply chain, and DevOps leaders are now applying principles from lean manufacturing, Deming, and Toyota supply chain management to improve their operations.
We recently hosted the 2nd annual “DevOps: Wine-ing, Not Whining” event in San Francisco to bring together a number of thought leaders and leading practitioners in the DevOps field. We traded stories from the trenches, formed new insights, and offered visions of the future.
There are numerous examples of reference architectures available, and each of them vary in levels of detail, tools highlighted, and processes followed. Yet, there is a constant theme among the tool sets: Jenkins, Maven, Nexus, Subversion, Git, Docker, Puppet/Chef, Rundeck, and Sonar seem to show up time and again.
How does Sonatype use Nexus to support our development efforts? Well, our development team is about to tell you. In fact, they a planning to give a virtual tour of our factory floor (e.g., tool chain) while discussing their own best practices for agile software development across a geographically distributed team. They will also spend time discussing their use of Nexus, Bamboo, JIRA, HipChat, AWS, Ansible and other solutions to streamline our development efforts, improve the quality of our builds while reducing rework, and speed time to market for new releases.
Sonatype now provides native Atlassian Bamboo support to improve the quality of your build outputs. Sonatype provides instant analysis of open source components used in every Bamboo build and alerts development teams to any quality, license, or security issues identified. By catching the issues during CI builds, development teams can quickly address open source policy violations early and can avoid unplanned rework.
Active Nexus instances have grown 100% within the past 18 months. Just awesome. And, YOU, our user community made it happen. As of today, we surpassed the milestone of 50,000 active Nexus installs! Thank you.
There are those of us that like to stay on the cutting edge of technology, fiddling with the latest and greatest, even if it means the experience might be a little rough around the edges. Yes, that might mean suffering through a bunch of issues despite a warning not to install Mavericks on our main […]
As we looked back at what our readers found most intriguing in the past year, we found one central theme: managing their software supply chain. Our readers wanted to know in a continuous world, where speed and quality often compete how can they develop software faster while becoming more profitable ensuring quality and managing risk.
I’m sure you saw it too. During the Super Bowl, Chevy Trucks announced that they were adding 4G LTE wi-fi. How cool. I want that (and so would my kids). I can only imagine the possibilities. But, this is not all about my needs. Chevy and every other vehicle maker wants this too. And not for the reasons that you might first consider. Quickly, let me introduce you to the recalls of today..