Skip Navigation

DJ Schleen

DJ is a DevSecOps Advocate

Community Updates: Nancy Has a New Ship, and Found oysteRs

By DJ Schleen on March 16, 2020 Docker

2 minute read time

Nancy checks for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index and Nexus IQ Server. Another community contribution is oysteR.
Read More...

Most common security acronyms explained

By DJ Schleen on March 02, 2020 security

8 minute read time

SAST, DAST, CSA, OSSM, SCA? What do these acronyms mean, what exactly do they do, and why does it matter?
Read More...

Get the Latest DevSecOps Reference Architecture

By DJ Schleen on February 13, 2020 reference architecture

2 minute read time

Based on community feedback the 2020 DevSecOps Reference Architecture now includes continuous education, mobile delivery, and rearrangement of controls.
Read More...

Nancy, on a Boat! (Announcing Nancy for Docker)

By DJ Schleen on October 17, 2019 Docker

2 minute read time

Nancy checks for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index. docker-nancy wraps the nancy executable in a Docker image.
Read More...

Security Should Stop Being a Drag

By DJ Schleen on September 06, 2019 deployment

3 minute read time

An application should withstand automated, manual, or user testing. Security vulnerabilities, although extremely important, are in reality non-functional.
Read More...

Success Requires Reflection on DevSecOps Failures

By DJ Schleen on August 23, 2019 DevOps Culture

4 minute read time

There are so many books on how to succeed, but none about the major challenges and headaches that will ultimately occur when beginning a DevSecOps journey.
Read More...

A Sort of a Homecoming - Why I Joined Sonatype

By DJ Schleen on August 08, 2019 featured

2 minute read time

The open source and supply chain problem facing the industry is one of the major reasons why I joined Sonatype. I can make an impact evangelizing DevSecOps.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security

2 minute read time

Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

DevSecOps: Integrating Automated Security Controls

By DJ Schleen on March 21, 2017 devsecops

2 minute read time

Security continues to be an afterthought in many development pipelines. In DevOps, security is taking on a new role where high velocity meets security at scale
Read More...