Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights CVE-2019-15753: OpenStack (os-vif), Denial of Service & Information Exposure

By Elisa Velarde on September 27, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're covering CVE-2019-15753: a MAC address aging vulnerability that opens up the potential for a DoS and information exposure attack.
Read More...

The Dot Zero Conundrum and the New Frontier of Securing Open Source

By Brian Fox on September 24, 2019 code quality
Sonatype is combining a new type of behavioral analysis with machine learning and proprietary data, creating early warning capabilities to detect malicious releases of open source components.
Read More...

CALMS: A Principle-based DevOps Framework

By Ember DeBoer on September 23, 2019 devops best practices
The CALMS framework for devops consists of Culture, Automation, Lean, Measurement, and Sharing.
Read More...

Win a $100 Gift Card: Take a Brief Survey on Software Composition Analysis

By Shade Solon on September 20, 2019 github
If you are excited about GitHub Actions, and want to understand the open source dependencies in your software, fill out this survey for a chance to win.
Read More...

Introducing a Better Way to Learn Sonatype Products

By Dan Fletcher on September 19, 2019 Sonatype training
Sonatype Learn is a new education portal that provides an engaging way to broaden and deepen your Sonatype skills. Access this material anytime, anywhere.
Read More...

Accelerate: A Principle-based DevOps Framework

By Ember DeBoer on September 18, 2019 devops best practices
The devops framework proposed by the Accelerate authors is focused on three key areas: Continuous Delivery, Architecture, and Product Process.
Read More...

Advancing Application Delivery

By Derek Weeks on September 17, 2019 AppSec
Swati Shah of US Bank describes the steps required to implement Continuous Delivery in a regulated environment.
Read More...

Three Ways: A Principle-based DevOps Framework

By Ember DeBoer on September 16, 2019 devops best practices
Three Ways is a principle-based devops framework. The Three Ways framework includes: first, Flow, second, Feedback, third, Continuous Learning.
Read More...

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

By Katie McCaskey on September 13, 2019 security
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...