Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

DJ Schleen

DevSecOps Advocate

Are You a Fool with a Tool?

By DJ Schleen on November 22, 2019 security
Buckminster Fuller cautioned against prioritizing tools. DevOps should always include discussions of culture, strategy, and process for the best outcomes.
Read More...

Nancy, on a Boat! (Announcing Nancy for Docker)

By DJ Schleen on October 17, 2019 Docker
Nancy checks for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index. docker-nancy wraps the nancy executable in a Docker image.
Read More...

Security Should Stop Being a Drag

By DJ Schleen on September 06, 2019 deployment
An application should withstand automated, manual, or user testing. Security vulnerabilities, although extremely important, are in reality non-functional.
Read More...

Success Requires Reflection on DevSecOps Failures

By DJ Schleen on August 23, 2019 DevOps Culture
There are so many books on how to succeed, but none about the major challenges and headaches that will ultimately occur when beginning a DevSecOps journey.
Read More...

A Sort of a Homecoming - Why I Joined Sonatype

By DJ Schleen on August 08, 2019 featured
The open source and supply chain problem facing the industry is one of the major reasons why I joined Sonatype. I can make an impact evangelizing DevSecOps.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security
Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

DevSecOps: Integrating Automated Security Controls

By DJ Schleen on March 21, 2017 devsecops
Security continues to be an afterthought in many development pipelines. In DevOps, security is taking on a new role where high velocity meets security at scale
Read More...