Sonatype Selected by Equifax to Support OS Governance Press Release

Sonatype Blog

Real World Experiences: Blackboard

As part of a new series we're calling 'Real World Experiences' we'll be highlighting how Sonatype customers are benefiting from greater development efficiency, higher productivity levels, faster time

Part 1 - [ ________ ] is the Best Policy

Open source has been around for donkey’s years but until recently the persuasive argument of “many eyeballs” was the guiding policy when using open source. In comes the recent industry shock wave we

Two AppSec Questions Always Asked

While Repository Health Checks are valuable, we just released something even better: the CLM 1.11 Dashboard. First of all, it helps you answer the first two critical open source vulnerability

Trusting Third-Party Code That Can't Be Trusted

Paul Roberts (@paulfroberts) at InfoWorld recently shared his perspective on “5 big security mistakes coders make”. First on his list was trusting third-party code that can’t be trusted. Paul shares:

Lessons of Youth: A License to Use

I can still recall (it actually pains me to count the years, so I refuse to) with perfect clarity the sound of my 1200 baud modem handshaking with my neighborhood’s local BBS. It’s a sound that so

Open source components, a fine vintage or sour milk?

The U.S. recently overtook France as the world’s largest wine market. And here at Sonatype, we can proudly say we’ve contributed to this achievement. By not only consuming our fair share of wine but

We're bringing sexy back, Sonatype hits the catwalk

Enthusiasm for securing the software supply chain is growing in both conversation and practice. For the past year, Sonatype has called for a new approach to securing the software supply chain that

DevOps: The Last Great Hope for Application Security?

Once upon a time, there was a great battle between speed and security. Development wanted to go fast. But, security wanted to slow down and be safe. For years, they endured the pain of testing late
