You Can't Manage What You Can't See: Open Source Governance Starts with Visibility
2 minute read time
During the interview, Richard Spires, former CIO at the Internal Revenue Service and now CEO of Learning Tree International, said one of the biggest takeaways.
Read More...
Equifax was 100% preventable -- But 18,000 others at risk
2 minute read time
Karpovich reflected on findings from the House report that the breach at Equifax was 100% preventable -- as the vulnerability at the root of the breach was one.
Read More...
The Path of DevOps Enlightenment for Infosec
4 minute read time
Can security, as an industry, rise to the demands of DevOps? Is the DevOps culture able to handle security and all of its baggage? At this year's Nexus User.
Read More...
A DevSecOps Maturity Model in 7 Words
2 minute read time
Inspired by a conversation I had with Navin Vembar about a DevSecOps Maturity Model his organization developed at the U.S.
Read More...
5 Quick Wins for Securing Continuous Delivery
6 minute read time
At the 2018 Nexus User Conference, Jim Bird, CTO of BiDS Trading, laid out 5 quick ways to secure continuous delivery.
Read More...
A DevSecOps Journey at a Dutch Bank
3 minute read time
This is the story of ABN AMRO’s DevSecOps journey - as told by Stefan Simenon and Widbe de Roos at the 2018 Nexus User Conference.
Read More...
Three Days of DevSecOps: Lessons from Equifax
2 minute read time
In 2017, one might have considered "three days" to be the new normal for lead time for changes in DevSecOps. In 2018, that window closed to "one second".
Read More...
The 2018 State of the Software Supply Chain Report is here!
2 minute read time
Today, Sonatype introduces the 2018 State of the Software Supply Chain Report, on managing open source components to accelerate innovation.
Read More...
A Simply Brilliant Way to Improve the Security Pipeline
2 minute read time
Kaiser Permanente's Xin Xu shares how his team eliminates vulnerable libraries before they ever enter the DevOps pipeline, using Nexus.
Read More...