Gartner: The Crucial Role of OSS License Compliance
4 minute read time
Gartner's SCA recommendations include deep understanding of OSS licensing. Operating without license compliance, intentionally or not, invites peril.
Read More...
“This is the New Op Model” - Why State Farm Sponsored ADDO, and the Results
5 minute read time
4,000 developers from State Farm attended this year's All Day DevOps, sponsored by Sonatype. Why did they attend, and what did they get out of it?
Read More...
October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.
3 minute read time
As open source software grows, developers play a crucial role ensuring that cyber security threats are prevented, mitigated, and repaired.
Read More...
Anatomy of the RubyGems ‘rest-client’ Hack, and Getting Creative About Open Source Security
3 minute read time
Last month, the RubyGems strong_password component was breached and injected with malicious code.
Read More...
Activate Your Shield Against Open Source Invasions
3 minute read time
Mike Van Doren, Sonatype Solution Architect, identifies the infinity stones that grant superpowers in the Nexus ecosystem.
Read More...
NIST Proposes Standards to Secure Government SDLC
3 minute read time
NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.
Read More...
Top 5 Tomcat Vulnerabilities
3 minute read time
If you spend time monitoring and patching OSS projects, you know Tomcat has some vulnerabilities. Today, Tomitribe walked us through 5 of those vulnerabilities.
Read More...
Malicious Attacks On Open Source Are Going to Get Worse: Developers Need to Take Notice
2 minute read time
Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities.
Read More...
Operating Without an OSS License? That Could Be Dangerous!
4 minute read time
The intent of OSS licensing is to to make sure software can remain open source and freely used.
Read More...