2018 DevSecOps Community Survey: Automation Races Against Breaches

By Derek Weeks on April 16, 2018 open source governance

3 minute read time

New research published today reveals that breaches pinned to open source software components are up 55% year over year.

Software Liability Gets Real (Global)

By Derek Weeks on February 23, 2018 open source governance

5 minute read time

Software liability turns up the volume in France, Germany, the UK, the USA, and the EU in 2018.

Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials

1 minute read time

Pay attention to your own digital security as you would if you were protecting millions of others. Malicious code found in npm package conventional-changelog.

Mr. Smith Goes to Washington: Lessons Learned from Equifax in Congress

By Matt Howard on October 03, 2017 open source governance

2 minute read time

Perspective on what Rick Smith, former Equifax CEO, will say today to Congress this week when he testifies.

DevOps and Opportunities in Software Supply Chain Governance

By Wayne Jackson on February 09, 2017 open source governance

4 minute read time

Governance has been an evil word for software developers, but new approaches unlock massive gains in productivity, reductions in cost, and improvements in quality.

Government Asks: What’s in Your Software?

5 minute read time

Top performing development organizations embrace supply chain management best practices, including use of a Software Bill of Materials (BOM).

An Insider's View: Analyzing Software Supply Chains

5 minute read time

The 2016 State of the Software Supply Chain report reveals the volume of open source component usage and quantifies the presence of known vulnerabilities.

The 2016 State of Software Supply Chain Report

By Derek Weeks on July 11, 2016 Software Supply Chain

2 minute read time

Sonatype’s 2nd Annual Report on Accelerating Software Innovation and Security

Automated Nexus Reports on Licenses, Security, and More

By Derek Weeks on August 05, 2015 nexus pro

4 minute read time
