Using a Software Bill of Materials (SBOM) is Going Mainstream
2 minute read time
Crazy: OWASP A9 is about to turn seven and the DevSecOps Community Survey shows less than half of organizations can produce a Software Bill of Materials.
Read More...
The Three R’s of Software Supply Chains: Reject, Replace, and Respond
7 minute read time
OWASP A9 has been around for over 6 years now. These three R's helps enterprise security manage their software supply chains: Reject, Replace, Respond.
Read More...
Using Webhooks to Integrate Nexus Lifecycle with Red Hat Quay - Part 2
3 minute read time
How to add security to your CI/CD pipeline quickly with Nexus Lifecycle, Red Hat Quay, and Twistlock, all without disrupting ongoing development.
Read More...
Using Webhooks to Integrate Nexus Lifecycle with Red Hat Quay - Part 1
3 minute read time
How to use Webhooks to integrate Red Hat's Quay into Sonatype's Nexus Lifecycle for devsecops and container security in Docker.
Read More...
The Rise of Dependency Scanners
2 minute read time
Software composition analysis has seen a spike in growth from developers on Github to help with their devsecops journey.
Read More...
Nexus Reference Platform: Kompose, OpenShift and Helm
3 minute read time
Exploring the migration from docker compose to kubernetes, openshift, and helm for the nexus reference platform.
Read More...
Nexus Reference Platform: Docker Stack and Kubernetes
3 minute read time
Nexus Reference Platform deployed to kubernetes using docker compose.
Read More...
DevSecOps: The Carrot and the Stick
4 minute read time
DevOps and DevSecOps success stories from practitioners along with a cautionary tale of the consequences of doing nothing.
Read More...
The What and Why of DevSecOps
2 minute read time
At its heart, DevSecOps is about a culture of learning so that we can become innovative.
Read More...