Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

DevSecOps Delivered: Nexus IQ Google Chrome Extension

By Amir Shahmiri on May 22, 2020 devsecops
See the Nexus IQ Google Chrome extension, a handy tool to research open source components in your browser.

Getting Your Security Program to Shift Left: Operationalizing Security Controls via DevSecOps

By Daniel Longest on May 21, 2020 shift left
Map the automation opportunities into your software development lifecycle as part of coordinated strategies to shift security left.

Cultural Approaches to Transformations

Marc Cluet has dedicated the last six years to helping organizations transform their culture and ways of working. Here are some of his observations.

Integrating Infrastructure as Code into a Continuous Delivery Pipeline

By Carlos Schults on May 19, 2020 Continuous Delivery
Infrastructure as code (IaC) takes coding techniques used by software systems and extends them to infrastructure. We cover those techniques.

SaltStack: 20 Breaches Within Four Days

By Derek Weeks on May 18, 2020 vulnerabilities
When a vulnerability is announced in an open source project, ask immediately: have we ever used that open source component, and (if yes) where is it?

Tanya Janca is "Big Fan of SCA" [VIDEO]

By Zack Conord on May 15, 2020 devsecops
Zack Conord interviews Tanya Janca of SheHacksPurple about her new business and why she's eager to teach software composition analysis.

DevSecOps Leadership Forum: 500 Innovators Learning from Shared Experiences

By Matt Howard on May 14, 2020 Community
This is a recap of experiences and insights shared at the 2020 DevSecOps Leadership Forum. On demand recordings of the event are now available for free.

New in Nexus Repository 3.23: Nexus Intelligence via npm audit

By Brent Kostak on May 13, 2020 npm
Now developers can check for policy violations using the npm audit command built into the npm CLI, using the precise data of Nexus Intelligence.

New Language? No Problem. New Ecosystems in Nexus Lifecycle and Nexus Firewall

By Alyssa Shames on May 13, 2020 Nexus Lifecycle
New ecosystems added to Nexus Lifecycle and Nexus Firewall: Alpine, Bower, Cargo, CocoaPods, Conda, Conan, Composer, CRAN, Debian, Drupal and rpm.