Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Curtis Yanko

Curtis Yanko is a Sr Principal Architect at Sonatype and a DevOps coach/evangelist. Prior to coming to Sonatype Curtis started the DevOps Center of Enablement at a Fortune 100 insurance company and chaired a Open Source Governance Committee. When he isn’t working with customers and partners on how to build security and governance into modern CI/CD pipelines he can be found raising service dogs or out playing ultimate frisbee during his lunch hour. Curtis is currently working on building strategic technical partnerships to help solve for the rugged devops tool chain.

The Three R’s of Software Supply Chains: Reject, Replace, and Respond

By Curtis Yanko on September 09, 2019 devops best practices
OWASP A9 has been around for over 6 years now. These three R's helps enterprise security manage their software supply chains: Reject, Replace, Respond.
Read More...

Using Webhooks to Integrate Nexus Lifecycle with Red Hat Quay - Part 2

By Curtis Yanko on May 07, 2019 Red Hat
How to add security to your CI/CD pipeline quickly with Nexus Lifecycle, Red Hat Quay, and Twistlock, all without disrupting ongoing development.
Read More...

Using Webhooks to Integrate Nexus Lifecycle with Red Hat Quay - Part 1

By Curtis Yanko on May 07, 2019 Red Hat
How to use Webhooks to integrate Red Hat's Quay into Sonatype's Nexus Lifecycle for devsecops and container security in Docker.
Read More...

The Rise of Dependency Scanners

By Curtis Yanko on November 26, 2018 devsecops
Software composition analysis has seen a spike in growth from developers on Github to help with their devsecops journey.
Read More...

Nexus Reference Platform: Kompose, OpenShift and Helm

By Curtis Yanko on August 29, 2018 Docker
Exploring the migration from docker compose to kubernetes, openshift, and helm for the nexus reference platform.
Read More...

Nexus Reference Platform: Docker Stack and Kubernetes

By Curtis Yanko on August 27, 2018 Docker
Nexus Reference Platform deployed to kubernetes using docker compose.
Read More...

DevSecOps: The Carrot and the Stick

By Curtis Yanko on June 23, 2018 devsecops
DevOps and DevSecOps success stories from practitioners along with a cautionary tale of the consequences of doing nothing.
Read More...

The What and Why of DevSecOps

By Curtis Yanko on June 19, 2018 DevOps Culture
At its heart, DevSecOps is about a culture of learning so that we can become innovative.
Read More...

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain
Containers and automated tools create new opportunities for software supply chains and opensource governance as well as system security. DevSecOps, application and system security are all visible in
Read More...