Featured Article
Introducing our 9th annual State of the Software Supply Chain report
Better software development: Insights from the SBOM Scorecard
2 minute read time
Data Insights– a look at Sonatype's SBOM scorecard.
Read More...
Sonatype named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing
4 minute read time
Sonatype is named to the 2023 Gartner Magic Quadrant for Application Security Testing (AST).
Read More...
Another SolarWinds? The latest software supply chain attack on 3CX
6 minute read time
Get insights on the recent 3CX software supply chain attack and the growing importance of effective dependency management to protect against cyberattacks.
Read More...
Best practices in dependency management: Cooking a meal of gourmet code
5 minute read time
Close to 85% of every application is open source software. Better understanding your software supply chain starts with understanding dependency management.
Read More...
SCA and SAST: What do they do and how can they help developers like you?
4 minute read time
SCA and SAST tools help DevSecOps teams and application developers work together to identify vulnerabilities and improve security.
Read More...
What do Log4Shell and a Global Pandemic Have in Common?
4 minute read time
A look at development through the lens of weddings, including long-term planning, contingencies, and disasters. A video talk from this years DEVOXX.
Read More...
Breaking Organizational Silos for Better Application Security
3 minute read time
Security depends on collaboration and communication. Our recent Elevate talk breaks down pillars, structure, and suggestions for organizational silos.
Read More...
Compliance as Code
4 minute read time
Compliance is a growing consideration for application security and must be managed.
Read More...
OWASP Top 10 Overview
4 minute read time
Caroline Wong is a Chief Strategy Officer who teaches the OWASP Top 10. She uses memorable analogies to explain all ten.
Read More...