New DepShield App Democratizes OSS Governance Press Release

The Latest in DevSecOps

Get Blog Updates

Hear no Evil, See no Evil, Deploy no Evil
by David Jones, on August 20, 2014

Tags: Cyber Supply Chain Management and Transparency Act, H.R. 5793, government open source software (GOSS), open source components, Cyber Chain Integrity Act, application supply chain management, software testing, open source software supply chain, Open Source, Cyber Supply Chain, Application Security, bill of materials (of 3rd party and open source co, cyber supply chain management, Software supply chain management, AppSec Spotlight, 3rd party software

Trusting Third-Party Code That Can't Be Trusted
by Derek Weeks, on July 22, 2014

Tags: Component Lifecycle Management, Software Supply Chain, Nexus, component vulnerabilities, AppSec Spotlight, 3rd party software, open source software

Financial Services Organizations have Open Eyes on Open Source
by Derek Weeks, on February 20, 2014

Tags: Component Lifecycle Management, Sonatype Says, FS-ISAC controls, open source governance, policy enforcement, Everything Open Source, Open Source, industry guidelines, AppSec Spotlight, 3rd party software

ALL POSTS

Recent Posts

Posts by Topic

see all
Products
Customers
Resources
About
Social
Twitter LinkedIn Facebook Google+ YouTube

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Level 14, Sydney 2000, NSW, Australia 
London Office - 1 Primrose St, London EC2A 2EX

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy