Sonatype Selected by Equifax to Support OS Governance Press Release

SON_logo_blog_2

DevOps and Opportunities in Software Supply Chain Governance

By Wayne Jackson on February 09, 2017 open source governance

Governance has been an evil word for software developers but new approaches unlock massive gains in productivity, reductions in cost, and improvements in

Read More...

DevSecOps: Better Software, Faster

By Derek Weeks on February 08, 2017 repository health check

“The big problems are where people don't realize they have one in the first place.” - W. Edwards Deming, patron saint of DevOps.

Read More...

All Day DevOps: Practitioner-to-Practitioner

By Derek Weeks on October 30, 2016 Devops

Over the past year, I have traveled to and delivered presentations at 18 DevOps events. I’ve also heard that over the past several years, John Willis has

Read More...

All Day DevOps Conference: Bringing DevOps to the World

By Derek Weeks on September 08, 2016 Devops

An Audacious Plan

The global audience for DevOps is expanding faster than any one person or company can keep up with. While DevOps Days and other regional

Read More...

Government Asks: What’s in Your Software?

By Derek Weeks on July 29, 2016 DevOpsSec

U.S. Government pays closer attention to software components

Multiple agencies across the U.S. government are paying closer attention to the software they

Read More...

An Insider's View: Analyzing Software Supply Chains

I recently sat down for a spell with Bruce Mayhew, Director of Research and Development at Sonatype and co-author/project lead for OWASP WebGoat, to discuss

Read More...

Rugged DevOps: Survival is Not Mandatory

By Derek Weeks on January 25, 2016 Nexus solutions

Deming, the patron saint of DevOps once advised, “It is not necessary to change. Survival is not mandatory.”

Read More...

DevOps Leadership Series: Security at Velocity [Video]

By Derek Weeks on May 12, 2015 OWASP

If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket. That’s because for many

Read More...

Should DevOps Account for Continuous Trust of Production Applications?

By Jessica Dodson on January 09, 2014 Application Security

To find previous blogs in this DevOps series, read:

Read More...