Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

How to Upskill Your DevOps

By Mark Henke on April 08, 2020 automation
Become T-shaped. No matter what role we're in—whether it's security, operations, or software delivery—we must understand the breadth of skills needed.
Read More...

Happy Developers Produce More Secure Software, Better Business Outcomes

By Derek Weeks on April 07, 2020 vulnerabilities
The 2020 DevSecOps Community Survey confirms correlations between DevSecOps culture and practices, and their influence on motivation and job satisfaction.
Read More...

Leveling Up: How to Improve Your ACSC Recommended Maturity Model

By Cameron Townshend on April 06, 2020 devsecops
ACSC, the Australian Cyber Security Center, has three DevSecOps maturity models. Here's how your organization can move up levels in the Essential Eight.
Read More...

Comparing npm Audit Versus AuditJS

By Mike Hoskins on April 03, 2020 AppSec
AuditJS is a free tool leveraging Sonatype's OSS Index. OSSI exposes a ReST API aggregating several security vulnerability feeds including CVE, CWE and NVD.
Read More...

Ryan Lockard Names the Seven Deadly Sins of DevSecOps [VIDEO]

By Mark Miller on April 02, 2020 AppSec
Failures are an opportunity to reflect, inspect, and improve DevSecOps practices every day. Which of these have you experienced, and what did you learn?
Read More...

SAML/SSO Authentication and Conan in Nexus Repository 3.22

By Brent Kostak on April 01, 2020 Nexus Repository Pro
Now users can authenticate with Security Assertion Markup Language (SAML) identity providers, enabling single sign-on (SSO) with Nexus Repository Pro.
Read More...

Developers Gain Contextual Feedback with Automated Pull Request Commenting

By Kevin Miller on March 31, 2020 github
Pull request comments provide contextual information about the individual branch a developer is working on, and changes that they may have introduced.
Read More...

Department of Defense DevSecOps Journey

By Sylvia Fronczak on March 30, 2020 government
The DevSecOps stack is open source and open to the public. Everything is infrastructure as code and can run on any environment, leveraging Kubernetes.
Read More...

Sonatype Nexus Repository 3.20 Installation, Admin Login, and Port Change [VIDEO]

By Awkash Agrawal on March 27, 2020 Nexus Repository
This five minute Nexus Repository installation video covers all the tidbits, from login via admin to changing the port.
Read More...