Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Implementing DevSecOps with 1,162 Apps

By Derek Weeks on April 22, 2019 devsecops
True DevSecOps includes breaking builds when vulnerable open source is found. But, implementing that level of precision is not an easy task. Hiep Tran from Capital Group, shares the process they wen
Read More...

From 0 to Accredited in 23 Days

By Derek Weeks on April 22, 2019 devops tools
DevSecOps in Government - What if there was a way to go from 0 to accredited in 23 days? Leonel Garciga DoD’s Joint Improvised Threat Defeat Organization shares how.
Read More...

Full Lifecycle Container Security

By Derek Weeks on April 17, 2019 devsecops
As containers become a greater part of the DevOps pipeline, securing them is top of mind. John Morello, Twistlock CTO, shared thoughts at the 2018 Nexus User Conference on how-to secure them across
Read More...

Deploying DevOps in Government - the Second Time is the Charm

By Derek Weeks on April 15, 2019 devsecops
Getting buy-in from a government agency to change anything, is not an easy task. Mieke Deene walks us through the 6 challenges she overcame to convince the Dutch Government to adopt DevOps practices.
Read More...

Sonatype Goes to CloudBees Days

By Janie Gelfond on April 12, 2019 devsecops
We're always excited to spend time with our friends at CloudBees - and participating in their CloudBees Days tour is no different.
Read More...

40 DevSecOps Reference Architectures To Learn From

By Janie Gelfond on April 04, 2019 devsecops
Scaling DevSecOps is no easy feat. There are so many ways to automate security across the SDLC, that it can become overwhelming quickly. That's why we created DevSecOps Reference Architecture
Read More...

Fannie Mae: Scaling the DevOps Enterprise

By Derek Weeks on April 02, 2019 devsecops
Fannie Mae has $100 B in annual revenue, over 7,200 employees, 468 applications and 1,200 software assets. Combine all of that with their unique role of being a government-sponsored, public entity -
Read More...

Why You Need DevSecOps and Artifact Repositories

By Derek Weeks on March 26, 2019 artifact repository
In her talk at the 2018 Nexus User Conference, Helen Beal, DevOpsologist at Ranger 4, discusses artifact repositories and their role in the DevSecOps toolchain
Read More...

Keeping third-party dependencies in check with Nexus Lifecycle

By Nikita Belokopytov on March 18, 2019 Nexus Lifecycle
Sonatype's Nexus Lifecycle (IQ Server) helps teams with big ambitions better manage their third-party dependencies. Quandoo engineer Nikita Belokopytov shares how he's using it.
Read More...