
Sonatype Blog

Katie McCaskey

Katie is an experienced technology writer and entrepreneur. At Sonatype, she's focused on creating and finding great content.

NIST Proposes Standards to Secure Government SDLC

NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.

Blue by Default

By Katie McCaskey on July 29, 2019 security
Aubrey Stearn (@auberryberry) explains the DevOps security approach Blue by Default. Security practices move prior to testing and delivery to ensure focus.

How to Become an OSS Champion

By Katie McCaskey on July 26, 2019 DevOps Culture
Sonatyper Fernando Cremer shows leaders how to champion open source use in modern software production. Here are his recommendations to drive adoption.

Free Software, But No Free Lunch

By Katie McCaskey on July 25, 2019 security
Today's threat surface is the software itself. How can Fortune 100 companies and others protect themselves? One security practice is counterintuitive.

Why Software Composition Analysis (SCA) Demands Precision

Software Composition Analysis: Getting to the Signal Through the Noise, by 451 Research, demonstrates Sonatype's leadership in software composition analysis.

PyPi 'Cheese Shop' Malware Illustrates Software Supply Chain Risk Vector

By Katie McCaskey on July 22, 2019 dependency injection
Malicious actors circumvented the PyPI package repo manager, a classic case demonstrating why understanding open source code dependencies is critical.

Extreme Endurance Required

By Katie McCaskey on July 19, 2019 News and Views
Sonatyper Mark Dodgson will test his physical limits and mental toughness participating in an athletic event that is 10x an Ironman, a first for the UK.

DevOps at the US Patent and Trademark Office

By Katie McCaskey on July 18, 2019 devsecops
The US Patent and Trademark Office's Fee Processing Next Generation (FPNG) is an example of a government agency moving to a devops development environment.

A World of Infinite Choice in Open Source Software

The 2019 Software Supply Chain Report explains the development environment we're all living in and what we can learn from exemplar dev teams.