Tag Archives: bill of materials

Real World Experiences: Blackboard


April 21, 2015 By
Derek Weeks
bb-testimonial

As part of a new series we’re calling ‘Real World Experiences’ we’ll be highlighting how Sonatype customers are benefiting from greater development efficiency, higher productivity levels, faster time to market and better quality software, all while being more secure. We kick off the series covering Blackboard, the world’s leading education technology company.

Continue reading...

Categories: Uncategorized

Bash 2014 – This Is Not a Party


September 25, 2014 By
Derek Weeks
Hipsters blowing confetti

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and Shellshock in a fashion similar to tropical storms, but if it gets more people to pay attention to the exponential growth of our reliance on software I can’t say I am too worked up about it either. One thing that is unarguable is that this just happens to be the latest (and if you are reading this before you have patched stop right now, patch, and then come back to finish).

Continue reading...

Categories: Uncategorized

Skeleton Key


September 19, 2014 By
Derek Weeks
old keys on a old book, antique wood background

A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of their conference was “think like a bad guy”. They introduced us to known hackers, their approaches to infiltrating organizations, and the trends in their behaviors. They also introduced us to the people who hunted down the hackers and successfully captured them.

Continue reading...

Categories: Uncategorized

11,000 Voices


September 16, 2014 By
Derek Weeks
Appsec Panel

This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending the event, I am really excited to be leading a panel discussion at the event this Thursday. If you will be at the event, please come by the session or the Sonatype booth (G10) and say hello. So what’s the panel discussion about?

Continue reading...

Categories: Uncategorized

Time for Full Open Source Disclosure


September 12, 2014 By
Derek Weeks
Gartner Full Disclosure

We are not the first industry to face this challenge. But many are convinced our problem is much smaller than it really is or that it does not exist. They simply ignore it. Or choose to do nothing about it. Meanwhile, the problem is multiplying like rabbits. The challenge lies within our software. Within the quality of its supply chain, within our collective ability to maintain its health, and within our ability to establish easy (yes, I said easy) paths to ban rampant, yet avoidable risks.

Continue reading...

Categories: Uncategorized

Gartner Goes Development-Centric


September 11, 2014 By
Derek Weeks
Gartner Research

Recently, Gartner published a new research report that says by 2016, “the vast majority of mainstream IT organizations will leverage nontrivial elements of open source software (directly or indirectly) in mission- critical IT solutions. However, most will fail to effectively manage these assets in a manner that minimizes risk and maximizes ROI.”

Continue reading...

Categories: Uncategorized