Comparing and converting between SBOM formats

10 minute read time

A step-by-step guide on how to convert between SBOM formats using tooling from the official repositories of SPDX and CycloneDX.

Secure Software Development Attestation Form: Sonatype helps you comply

6 minute read time

The CISA Secure Software Development Attestation Form sets cybersecurity standards for US Federal agency software purchases. Learn how Sonatype helps you comply with SSDF guidelines.

Open source risk management: Safeguarding software integrity

6 minute read time

Explore open source risk management as the identification and mitigation of the security, compliance, and operational risks of using open source software.

A guide for open source software (OSS) security

6 minute read time

Evaluate open source software (OSS) security to ensure safe usage of software components in software development life cycles and software supply chains.

Cyber Resilience Act: The future of software in the European Union

6 minute read time

Discover what the EU Cyber Resilience Act entails and what the consequences might be for open source and software development overall.

Software packages, do we even need them?

6 minute read time

Explore the evolution of package managers & the benefits of binary packages in software ecosystems. Learn how they enhance DevOps, security, & efficiency.

Supply chain security inside and out

3 minute read time

Every organization needs to safeguard their SDLC. Take a look at two key aspects of ensuring external and internal security for your software supply chain.

Sonatype Repository Firewall is an easy solution for a big problem

6 minute read time

Discover Sonatype Repository Firewall's AI-driven protection for SDLCs, blocking malicious components and ensuring a more secure software supply chain.

Post-conference tech spec: Why building your ship (application) with raw materials is a bad idea

10 minute read time

Get all the details of the presentation that Jamie Coleman, Developer Advocate on Sonatype’s Developer Relations team, gave at Voxxed Days Zurich 2023.