How a Software Bill of Materials Uncovers Known Vulnerabilities

3 minute read time

How a Software Bill of Materials Uncovers Known Vulnerabilities
Read More...

Real World Experiences: Blackboard

3 minute read time

As part of a new series we're calling 'Real World Experiences' we'll be highlighting how Sonatype customers are benefiting from greater development efficiency, higher productivity levels, faster time

Read More...

The Software Supply Chain Piques Interest

3 minute read time

As we looked back at what our readers found most intriguing in the past year, we found one central theme: managing their software supply chain. Our readers wanted to know in a continuous world, where

Read More...

Talking Turkey in Texas: Open Source Governance Lags

3 minute read time

Talking Turkey in Texas: Open Source Governance Lags
Read More...

CIO.com: Helping Developers Reduce Open Source Risk

1 minute read time

CIO.com: Helping Developers Reduce Open Source Risk
Read More...

Bash 2014 - This Is Not a Party

2 minute read time

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and

Read More...

Skeleton Key

2 minute read time

A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of
Read More...

11,000 Voices

2 minute read time

This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending the event, I am really excited to be leading a panel discussion at the

Read More...

Time for Full Open Source Disclosure

4 minute read time

We are not the first industry to face this challenge. But many are convinced our problem is much smaller than it really is or that it does not exist. They simply ignore it. Or choose to do nothing

Read More...