Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Development Velocity Is a Surprisingly Good Thing, Says Researchers

By Katie McCaskey on August 13, 2019 open source governance
Organizations with DevOps culture produce high frequency release schedules and stronger MTTU (mean time to update) response scores, to the benefit of all.
Read More...

Continuous Authorization with DevSecOps

By Katie McCaskey on August 06, 2019 devsecops
Continuous Authentication is a dynamic process that examines attributes that change and continually validates them. Hasan Yasar explains the DevSecOps fit.
Read More...

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

By Katie McCaskey on August 05, 2019 open source governance
Toyota developed a vehicle production framework, still in use today, that shapes contemporary software supply chain management, too.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security
Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

DevOps at the US Patent and Trademark Office

By Katie McCaskey on July 18, 2019 devsecops
The US Patent and Trademark Office's Fee Processing Next Generation (FPNG) is an example of a government agency moving to a devops development environment.
Read More...

GDPR Gets Teeth: British Airways and Marriott Fined

By Ilkka Turunen on July 09, 2019 devsecops
Fines levied at British Airways and Marriott International under GDPR show why data protection must be a central part of the software supply chain.
Read More...

Developers, Rejoice: Auto-Remediation Now Available in Eclipse, IntelliJ, and Visual Studio

By Sonal Thawani on July 08, 2019 Nexus Lifecycle
Auto-remediation makes it even easier to choose the best component right within an IDE. The CIP now automatically suggests the compliant version.
Read More...

New Cloud-Native CI/CD Projects OpenShift Pipelines and Tekton

By Katie McCaskey on July 01, 2019 devsecops
Siamak Sadeghianfar of RedHat explains how the open source projects Tekton and OpenShift support cloud-native CI/CD projects.
Read More...

Developers: We Must Evolve

By Derek Weeks on June 28, 2019 Devops
Chris Roberts of Attivo Networks sees many trends colliding that will require developers to adopt DevSecOps practices - now!
Read More...