Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Why Does Security Matter For DevOps?

By Derek Weeks on October 01, 2019 security
Caroline Wong (@CarolineWMWong) explains why organizations that use DevOps are 2X more likely to succeed than peers.
Read More...

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

By Katie McCaskey on September 13, 2019 security
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...

DevSecOps & Chaos Engineering: Knowing the Unknown

By Derek Weeks on September 04, 2019 software testing
Aaron Rinehart (@aaronrinehart) dives into chaos engineering: what it is, why you need it, and how you can implement it in your organization.
Read More...

Building Microservice Architecture on Kubernetes

By Derek Weeks on August 22, 2019 open source goveranance
Namespace-level isolation is helpful for managing Kubernetes architecture. Also, do not put all things in the default namespace. Keep it simple.
Read More...

Better, Faster, Stronger: Nexus Lifecycle's Improved JIRA Add-on Gives Developers and AppSec Something to High-Five About

By Michelle Dufty on August 14, 2019 JIRA
Nexus Lifecycle's new JIRA add-on with violation reporting eliminates the admin overhead of managing fixes. Component fixes are assigned and tracked with one-click.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security
Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

Blue by Default

By Katie McCaskey on July 29, 2019 security
Aubrey Stearn (@auberryberry) explains DevOps security approach Blue by Default. Security practices move prior to testing and delivery to ensure focus.
Read More...

Empowering Developers: Security Self Serve and Automated Time-Based Waivers

Tyro recently empowered their developers to build more secure software by instituting time-based waivers. At the Nexus User Conference, they shared how they made it happen.
Read More...

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain
Containers and automated tools create new opportunities for software supply chains and opensource governance as well as system security. DevSecOps, application and system security are all visible in
Read More...