One in Six Developers in Healthcare Report Open Source Breaches | Press Release

Sonatype Blog

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

By Kevin Miller on July 07, 2020 github
Pull Request line comments highlight code that introduces a policy violation. This gives developers the information needed to remediate security risks.
Compliance as Code

By Pachi Carlson on July 06, 2020 Compliance
Compliance is a growing consideration for application security and must be managed.
Trust and Courage are Essential to a Strong Team Culture

By Keith Sprochi on July 02, 2020 leadership
A healthy work culture is invaluable. I think that the Sonatype culture has two main ingredients: trust and courage.
The Latest DevSecOps Podcast Playlist

By Katie McCaskey on July 01, 2020 devsecops
The latest playlist of DevSecOps podcast episodes discusses open source vulnerabilities, security, culture, and more.

How to Upskill Your Team with Kubernetes

By Brad McCoy on June 30, 2020 devsecops
How we got everyone through the Certified Kubernetes Administrator (CKA) training and you can, too.
Holding the Industry Accountable

Humans often need to experience something before we change. As DevSecOps practitioners and leaders, we should always be asking what needs changing and why.

Money Doesn’t Buy Happiness, But Happy Developers Protect Money

By Derek Weeks on June 26, 2020 devsecops
Developers in mature DevOps practices are 1.2x happier than their grumpy peers in the financial sector. This impacts software security, and your wallet.
Sonatype a Cybersecurity Impact Award Honoree

By Katie McCaskey on June 25, 2020 devsecops
Sonatype places in the second annual Cybersecurity Impact Awards, sponsored by CyberTacos, to recognize leaders in Washington, D.C., Maryland, and Virginia.

Considering Nexus Auditor? You Should, But Know These Things First

By Kadi Grigg on June 25, 2020 JIRA
Nexus Auditor, in the right use case, is a solid, cost-effective solution. Is Nexus Auditor the solution for you? Maybe, maybe not. Here's how to find out.