Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Curtis Yanko

Curtis Yanko is a Sr Principal Architect at Sonatype and a DevOps coach/evangelist. Prior to coming to Sonatype Curtis started the DevOps Center of Enablement at a Fortune 100 insurance company and chaired a Open Source Governance Committee. When he isn’t working with customers and partners on how to build security and governance into modern CI/CD pipelines he can be found raising service dogs or out playing ultimate frisbee during his lunch hour. Curtis is currently working on building strategic technical partnerships to help solve for the rugged devops tool chain.

The Rise of Dependency Scanners

By Curtis Yanko on November 26, 2018 devsecops

2018 has seen a new breed of dependency scanners come onto the scene. These 'manifest' driven scanners allow for their inclusion into source code control


Nexus Reference Platform: Kompose, OpenShift and Helm

By Curtis Yanko on August 29, 2018 Docker

I was so excited by my success with Docker Stacks in my last blog post that I wanted to explore some additional options for migrating from Docker Compose to


Nexus Reference Platform: Docker Stack and Kubernetes

By Curtis Yanko on August 27, 2018 Docker

For a little over a year now I've been using Docker to help me manage my local demo environment. It has also helped me in my workshops by making it easy for


DevSecOps: The Carrot and the Stick

By Curtis Yanko on June 23, 2018 devsecops

Five or so years ago when I began my own DevOps journey I had a sense of the potential gains we could make but there weren't any success stories or data


The What and Why of DevSecOps

By Curtis Yanko on June 19, 2018 DevOps Culture

In IT is is especially easy to get caught up in the How of just about any facet of our work. It all seems so mechanical, just tell me what tools to use and how


DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain

Earlier this year I wrote a two part series called CI In The Age Of Containers - Part 1 & Part 2. My original goal was to explore the impact container might


Running The Nexus Platform Behind Nginx Using Docker

By Curtis Yanko on February 27, 2018

I firmly believe that reasonably smart people learn fastest from working examples. It’s relatively easy to make small changes to a working example and learn


Continuous Integration In The Age of Containers - Part 2

By Curtis Yanko on February 08, 2018

In Part 1 we explored the impact of containers on CI/CD and looked at how shifting application security testing to the left helped us avoid passing defects


Docker Compose for Nexus Platform - Part 2

By Curtis Yanko on December 29, 2017 Docker

In Part 1 we used a script and docker-compose to stand up both our Nexus Repository Manager and an IQ Server with out of the box configurations. In this