Aaron Linskens

Aaron is a technical writer on Sonatype's Developer Relations team. He works at a crossroads of technical writing, developer advocacy, software development, and open source. He aims to get developers and non-technical collaborators to work well together via experimentation, feedback, and iteration so they can build the right software.

Going Online With the OWASP Vulnerability Management Guide Working Group

6 minute read time

The OWASP Vulnerability Management Guide (OVMG) project seeks to simplify vulnerability management into repeatable and scalable cycles.

Best Practices in Dependency Management: Cooking a Meal of Gourmet Code

5 minute read time

Close to 85% of every application is open source software. Better understanding your software supply chain starts with understanding dependency management.

Open Source Basic Practices for Higher Quality Code to Fundamentally Strengthen Your Project

By Aaron Linskens on November 09, 2022 Open Source

8 minute read time

A look at some basic practices for higher quality code to help fundamentally strengthen your project.

This Week in Malware - Over 70 Packages Discovered

By Aaron Linskens on October 28, 2022 vulnerabilities

2 minute read time

This week, we discovered and analyzed six dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.

An Open Source Maintainer’s Best Practice: How to Use SBOMs to Root Out Project Vulnerabilities

By Aaron Linskens on October 25, 2022 Open Source

7 minute read time

The second entry in Sonatype's series for Security Slam explores how your project can benefit from the use of a software bill of materials (SBOM).

This Week in Malware - Nearly 40 Packages Discovered

By Aaron Linskens on October 21, 2022 vulnerabilities

2 minute read time

This week in malware, we discovered and analyzed nearly 40 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.

Open Source Best Practices: Key Documents to Help Welcome New Contributors to Your Project

By Aaron Linskens on October 17, 2022 Open Source

5 minute read time

This series of blog posts on best practices for open source maintainers was created in partnership with CNCF for Sonatype's Security Slam event.

This Week in Malware - Over 50 Packages Discovered

By Aaron Linskens on October 14, 2022 vulnerabilities

2 minute read time

This week we discovered and analyzed nearly 5 dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.

This Week in Malware - Over 100 Packages Discovered

By Aaron Linskens on October 07, 2022 vulnerabilities

6 minute read time

This week in malware, we discovered and analyzed more than 100 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.