What We Learned from Studying 36,000 OSS Projects | Press Release

blog-logo Sonatype Blog

It Pays to Discover Sonatype

By Katie McCaskey on October 03, 2019 open source governance
Karthik Loganathan and Giri Rao of Discover explain how the financial services company benefits from Sonatype's open source license management platform.
Read More...

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

By Katie McCaskey on September 13, 2019 security
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...

Development Velocity Is a Surprisingly Good Thing, Says Researchers

By Katie McCaskey on August 13, 2019 open source governance
Organizations with DevOps culture produce high frequency release schedules and stronger MTTU (mean time to update) response scores, to the benefit of all.
Read More...

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

By Katie McCaskey on August 05, 2019 open source governance
Toyota developed a vehicle production framework, still in use today, that shapes contemporary software supply chain management, too.
Read More...

Free Software, But No Free Lunch

By Katie McCaskey on July 25, 2019 security
Today's threat surface is the software itself. How can Fortune 100 companies and others protect themselves? One security practice is counterintuitive.
Read More...

PyPi 'Cheese Shop' Malware Illustrates Software Supply Chain Risk Vector

By Katie McCaskey on July 22, 2019 dependency injection
Malicious actors circumvented the PyPI package repo manager, a classic case demonstrating why understanding open source code dependencies is critical.
Read More...

A World of Infinite Choice in Open Source Software

The 2019 Software Supply Chain Report explains the development environment we're all living in and what we can learn from exemplar dev teams.
Read More...

What 36,000 OSS Projects and 12,000 Commercial Dev Teams Taught Us About Secure Coding Practices

By Derek Weeks on June 25, 2019 Software Supply Chain
Our 2019 State of the Software Supply Chain Report Reveals Best Practices From 36,000 OSS Dev Teams and 12,000 commercial software engineering teams.
Read More...