Tag Archives: Compliance

3 Reasons Manual Policies Just Don’t Work


June 10, 2014 By Derek Weeks
Current State of Open Source Policies

Over the past four years, Sonatype has surveyed open source development organizations, and year after year we find that developers have the best intentions. They strive to build good quality code, free of defects and flaws, but when it comes to policies that enforce these standards, the manual review process is at odds with how developers really work. If you don’t believe me, here are just a few examples of how developers describe the challenge manual policies create.


PCI 3.0 – Secure Payment Requires Secure Components


November 14, 2013 By Derek Weeks

Well, there is nothing like an updated specification to drive action or interest in a topic. We’re seeing that with the introduction of PCI 3.0. While there are several key updates to the specification, the one I find most interesting reflects the reality of how applications are constructed today – from components. It’s great to […]
