One in Six Developers in Healthcare Report Open Source Breaches | Press Release

Sonatype Blog

Holding the Industry Accountable

Humans often need to experience something before we change. As DevSecOps practitioners and leaders, we should always be asking what needs changing and why.

Money Doesn’t Buy Happiness, But Happy Developers Protect Money

By Derek Weeks on June 26, 2020 devsecops
Developers in mature DevOps practices are 1.2x happier than their grumpy peers in the financial sector. This impacts software security, and your wallet.

Sonatype a Cybersecurity Impact Award Honoree

By Katie McCaskey on June 25, 2020 devsecops
Sonatype places in the second annual Cybersecurity Impact Awards, sponsored by CyberTacos, to recognize leaders in Washington, D.C., Maryland and Virginia.

Considering Nexus Auditor? You Should, But Know These Things First

By Kadi Grigg on June 25, 2020 JIRA
Nexus Auditor, in the right use case, is a solid, cost-effective solution. Is Nexus Auditor the solution for you? Maybe, maybe not. Here's how to find out.

How to Establish an Open Source Program Office

By Mark Henke on June 24, 2020 open source governance
Develop an open source software program office to streamline use and compliance. By aligning goals with success metrics, the value of the office is clear.

OSS Index Contributor Asks: Where 'R' You?

Dr. Colin Gillespie, co-author of the book, Efficient R Programming, talks about contributing to open source software projects and using OSS Index.

OWASP Top 10 Overview

By Erik Dietrich on June 22, 2020 OWASP
Caroline Wong is a Chief Strategy Officer who teaches the OWASP Top 10. She uses memorable analogies to explain all ten.

ZeroTrustOps: Securing at Scale

By Sylvia Fronczak on June 19, 2020 AppSec
With zero trust, you assume everything on the network is unsafe. You have to check trust explicitly. This stance improves security throughout the SDLC.

Continuously Improve CI/CD with Nexus Lifecycle and Bitbucket Code Insights

By Kevin Miller on June 18, 2020 atlassian
Developers using the Nexus platform integrated with Code Insights know when a change introduces risk, with contextual feedback for the individual branch.