What We Learned from Studying 36,000 OSS Projects | Press Release

blog-logo Sonatype Blog

DevSecOps Elite and Their Reference Architecture

By Katie McCaskey on October 25, 2019 devsecops
Derek Weeks and DJ Schleen provide insights into the practices and toolsets used by DevSecOps professionals. Watch their DevOps World presentations here.
Read More...

Take This Interactive DevSecOps Reference Architecture For a Test Drive

By Katie McCaskey on August 30, 2019 reference architecture
An interactive DevSecOps reference architecture illustrates manual and automated processes, plus interactions between systems, stakeholders, and security.
Read More...

What is the Definition of DevSecOps?

By Ember DeBoer on June 11, 2019 devsecops
DevSecOps protects the software supply chain, from initial open source component selection to building, staging, and releasing an application. What is it?
Read More...

Infrastructure as Code on AWS

By Katie McCaskey on May 31, 2019 devsecops
Managing infrastructure as artifacts of code, instead of hardware, is key to scaling software organizations. Review key AWS implementation tactics here.
Read More...

Nexus Intelligence Insights: CVE-2019-0232 - Apache Tomcat CGI Servlet Remote Code Execution

By Elisa Velarde on April 26, 2019 vulnerability
In this month's Nexus Intelligence Insights we discuss a very popular component used by developers worldwide. Say hello to CVE-2019-0232, a remote code execution vulnerability.
Read More...

40 DevSecOps Reference Architectures To Learn From

By Janie Gelfond on April 04, 2019 devsecops
Scaling DevSecOps is no easy feat. There are so many ways to automate security across the SDLC, that it can become overwhelming quickly. That's why we created DevSecOps Reference Architecture
Read More...