One in Six Developers in Healthcare Report Open Source Breaches | Press Release
blog-logo Sonatype Blog

RESOURCES

Content

Sonatype Partners

Community

Upcoming Events

SON_Display_Improve_Security_250x360@2x

documentation
READ MORE

Using a Software Bill of Materials (SBOM) is Going Mainstream

Crazy: OWASP A9 is about to turn seven and the DevSecOps Community Survey shows less than half of organizations can produce a Software Bill of Materials.
Read More...
GettyImages-867236268
READ MORE

The Three R’s of Software Supply Chains: Reject, Replace, and Respond

By Curtis Yanko on September 09, 2019 devops best practices
OWASP A9 has been around for over 6 years now. These three R's helps enterprise security manage their software supply chains: Reject, Replace, Respond.
Read More...
GettyImages-913430902
READ MORE

Using Webhooks to Integrate Nexus Lifecycle with Red Hat Quay - Part 2

By Curtis Yanko on May 07, 2019 Red Hat
How to add security to your CI/CD pipeline quickly with Nexus Lifecycle, Red Hat Quay, and Twistlock, all without disrupting ongoing development.
Read More...
GettyImages-932084794
READ MORE

Using Webhooks to Integrate Nexus Lifecycle with Red Hat Quay - Part 1

By Curtis Yanko on May 07, 2019 Red Hat
How to use Webhooks to integrate Red Hat's Quay into Sonatype's Nexus Lifecycle for devsecops and container security in Docker.
Read More...
GettyImages-910425902
READ MORE

The Rise of Dependency Scanners

By Curtis Yanko on November 26, 2018 devsecops
Software composition analysis has seen a spike in growth from developers on Github to help with their devsecops journey.
Read More...
kompose1
READ MORE

Nexus Reference Platform: Kompose, OpenShift and Helm

By Curtis Yanko on August 29, 2018 Docker
Exploring the migration from docker compose to kubernetes, openshift, and helm for the nexus reference platform.
Read More...
stack
READ MORE

Nexus Reference Platform: Docker Stack and Kubernetes

By Curtis Yanko on August 27, 2018 Docker
Nexus Reference Platform deployed to kubernetes using docker compose.
Read More...
3days
READ MORE

DevSecOps: The Carrot and the Stick

By Curtis Yanko on June 23, 2018 devsecops
DevOps and DevSecOps success stories from practitioners along with a cautionary tale of the consequences of doing nothing.
Read More...
READ MORE

The What and Why of DevSecOps

By Curtis Yanko on June 19, 2018 DevOps Culture
At its heart, DevSecOps is about a culture of learning so that we can become innovative.
Read More...
Twitter LinkedIn Facebook Instagram YouTube GitHub
Products
Security Research
Solutions
Resources
About
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Sydney, NSW 2000, Australia 
London Office - 168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy