Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

GDPR Gets Teeth: British Airways and Marriott Fined

By Ilkka Turunen on July 09, 2019 devsecops
Fines levied at British Airways and Marriott International under GDPR show why data protection must be a central part of the software supply chain.
Read More...

Developers, Rejoice: Auto-Remediation Now Available in Eclipse, IntelliJ, and Visual Studio

By Sonal Thawani on July 08, 2019 Nexus Lifecycle
Auto-remediation makes it even easier to choose the best component right within an IDE. The CIP now automatically suggests the compliant version.
Read More...

New Cloud-Native CI/CD Projects OpenShift Pipelines and Tekton

By Katie McCaskey on July 01, 2019 devsecops
Siamak Sadeghianfar of RedHat explains how the open source projects Tekton and OpenShift support cloud-native CI/CD projects.
Read More...

Developers: We Must Evolve

By Derek Weeks on June 28, 2019 Devops
Chris Roberts of Attivo Networks sees many trends colliding that will require developers to adopt DevSecOps practices - now!
Read More...

New in Repo - Repository Routing Helps Protect Against Dependency Hijacking Attacks

By Sable Yemane on June 26, 2019 Nexus Repository
How to create a repository routing rule to prevent developers from pulling a private package from a public repository. Company Pied Piper as an example.
Read More...

What 36,000 OSS Projects and 12,000 Commercial Dev Teams Taught Us About Secure Coding Practices

By Derek Weeks on June 25, 2019 Software Supply Chain
Our 2019 State of the Software Supply Chain Report Reveals Best Practices From 36,000 OSS Dev Teams and 12,000 commercial software engineering teams.
Read More...

Achieving a Managed State Model For Your Software Supply Chain

Secure software development processes share attributes with other human endeavors such as cooking, reading, and sports, says Santi Mulukutla of Sonatype.
Read More...

DevSecOps: Security at the Speed of DevOps

By Katie McCaskey on June 18, 2019 devsecops
Larry Maccherone of Comcast shares his DevSecOps Manifesto and strategies he's used to foster the cultural change necessary to implement DevSecOps.
Read More...

DevOps Culture: The Neuroscience of Behavior

By Katie McCaskey on June 18, 2019 devsecops
Helen Beal of Ranger4 takes a look at how the brain works, and what that means for cultural transformation. This is your brain on DevOps.
Read More...