Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights: Sonatype-2020-0003 - npm malicious package 1337qq-js

By Elisa Velarde on January 15, 2020 vulnerabilities
In this month's Nexus Intelligence Insights, we cover Sonatype-2020-0003: npm malicious package 1337qq-js. Here's why it made noise but had no impact.
Read More...

Shifting Security Left: The Innovation of DevSecOps

By Sylvia Fronczak on January 02, 2020 shift left
DevSecOps is a cultural shift that reinforces the mindset that everyone is responsible for security. Here's why this idea is so innovative and productive.
Read More...

Why You Need a Software Bill of Materials More Than Ever

By Katie McCaskey on December 05, 2019 software bill of materials
Enterprises need to know what open source components are in their software at all times. If you don't have a software bill of materials, you're already behind.
Read More...

5 Ways Your Organization Benefits from DevSecOps

By Akshay 'Ax' Sharma on November 14, 2019 devsecops
It's important to understand why DevSecOps matters in this day and age of security breaches and what the pragmatic benefits are for your organization.
Read More...

Sonatype Partners with All Day DevOps to Deliver the Largest DevOps Conference for 36,000

By Derek Weeks on November 05, 2019 DevOps Culture
In conjunction with All Day DevOps, Sonatype helps to educate more than 36,000 IT professionals. Join us on Nov. 6.
Read More...

Tara Hernandez Talks Code Rush, Google, DevOps

By Mark Miller on October 29, 2019 DevOps in the Cloud
Tara Hernandez reflects on her time at Netscape in 1998, how that experience informs her present work, and what DevOps trends continue to evolve.
Read More...

DevSecOps Elite and Their Reference Architecture

By Katie McCaskey on October 25, 2019 devsecops
Derek Weeks and DJ Schleen provide insights into the practices and toolsets used by DevSecOps professionals. Watch their DevOps World presentations here.
Read More...

Make Sure to Cover Your Auth

By Derek Weeks on October 23, 2019 devsecops
Aditya Balapure (@adityabalapure) explores how authentication has evolved and makes recommendations for DevSecOps teams to improve their security.
Read More...

DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP
The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...