Sonatype Selected by Equifax to Support OS Governance Press Release

Application Security Risk in 2019: It's All About The Supply Chain

It’s that time of year again – time to reminisce on the past year and prepare our organizations to tackle the opportunities and challenges that lie ahead in

Inevitable: Earthquakes and Exploits

By Mike Hansen on November 15, 2018 AppSec

Nate Silver’s 2012 book “The Signal and The Noise” crisply explains the inevitability of earthquakes and the accuracy with which their frequencies and

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 devsecops

Earlier this year I wrote a two part series called CI In The Age Of Containers - Part 1 & Part 2. My original goal was to explore the impact container might

Zero Day, Now What?

By Curtis Yanko on September 27, 2017 AppSec

We at Sonatype spend a lot of time talking about shifting application security and OSS governance to the left and rightfully so. Like so many other 'quality'

Do You View Your AppSec Tools as an Inhibitor to Innovation or a Safety Measure?

By Helen Beal on March 23, 2017 AppSec

DevOps is all about making better software faster. It also requires making it more safely while compressing the time between ideation and realisation. I

Step-by-Step: Block and Quarantine Vulnerable Open Source Components and Artifacts with Nexus Firewall

By Mike Hansen on February 01, 2017 Nexus Firewall

We have added two more videos in the Tips from the Trenches Series free video based training, explaining how to configure and use Nexus Firewall to block

The Nexus Firewall – Perimeter Defense for Software Development

By Mike Hansen on January 25, 2017 Devops

The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at

Software Supply Chains: DevOps Lessons Learned from Southwest Airlines

By Wayne Jackson on November 23, 2015 Sonatype vs. Black Duck

I was talking to a new business acquaintance the other day and had a really interesting exchange. It went something like this:

Nexus Firewall: Quality at Velocity

By Mike Hansen on November 17, 2015 nexus pro

The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality
