Skip Navigation
Book a Demo
Book a Demo

Featured Article

Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day

By Ax Sharma on October 12, 2023 vulnerability

Discover ten open source packages affected by the HTTP/2 Rapid Reset vulnerability, disclosed by Cloudflare this week

Read More

SHARE:

Sonatype_Blog_Logo_White
GettyImages-1075234744-1
READ MORE

DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP

3 minute read time

The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...
iStock-156015653.jpg
READ MORE

DevOps and Opportunities in Software Supply Chain Governance

By Wayne Jackson on February 09, 2017 open source governance

4 minute read time

Governance has been an evil word for software developers but new approaches unlock massive gains in productivity, reductions in cost, improvements in quality.
Read More...
READ MORE

DevSecOps: Better Software, Faster

By Derek Weeks on February 08, 2017 repository health check

3 minute read time

1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,000
Read More...
Screen Shot 2016-10-30 at 9.21.36 AM.png
READ MORE

All Day DevOps: Practitioner-to-Practitioner

By Derek Weeks on October 30, 2016 Continuous Delivery

2 minute read time

All Day DevOps will deliver 57 practitioner-led sessions over 15 hours and 15 time zones. No vendor pitches are allowed.
Read More...
READ MORE

All Day DevOps Conference: Bringing DevOps to the World

By Derek Weeks on September 08, 2016 Continuous Delivery

4 minute read time

November 15, 2016 will see the first truly global, online DevOps Conference: All Day DevOps. 15 hours, 15 time zones, 54 sessions, 3 keynotes.
Read More...
Screen_Shot_2016-07-29_at_4.53.51_PM.png
READ MORE

Government Asks: What’s in Your Software?

5 minute read time

Top performing development organizations embrace supply chain management best practices, including use of a Software Bill of Materials (BOM).
Read More...
Screen_Shot_2016-07-06_at_7.25.55_PM.png
READ MORE

An Insider's View: Analyzing Software Supply Chains

5 minute read time

2016 state of the software supply chain report reveals the volume of open source component usage and quantifies the presence of known vulnerabilities.
Read More...
READ MORE

Rugged DevOps: Survival is Not Mandatory

By Derek Weeks on January 25, 2016 Nexus solutions

4 minute read time

Deming, the patron saint of DevOps once advised, “It is not necessary to change. Survival is not mandatory.” To survive, application development teams are constantly pressured to deliver software

Read More...
READ MORE

DevOps Leadership Series: Security at Velocity [Video]

By Derek Weeks on May 12, 2015 Software Supply Chain

1 minute read time

If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket. That’s because for many DevOps-centric organizations, application

Read More...