Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

What is the Definition of DevSecOps?

By Ember DeBoer on June 11, 2019 devsecops
DevSecOps protects the software supply chain, from initial open source component selection to building, staging, and releasing an application. What is it?
Read More...

Infrastructure as Code on AWS

By Katie McCaskey on May 31, 2019 devsecops
Managing infrastructure as artifacts of code, instead of hardware, is key to scaling software organizations. Review key AWS implementation tactics here.
Read More...

Nexus Intelligence Insights: CVE-2019-0232 - Apache Tomcat CGI Servlet Remote Code Execution

By Elisa Velarde on April 26, 2019 vulnerability
In this month's Nexus Intelligence Insights we discuss a very popular component used by developers worldwide. Say hello to CVE-2019-0232, a remote code execution vulnerability.
Read More...

40 DevSecOps Reference Architectures To Learn From

By Janie Gelfond on April 04, 2019 devsecops
Scaling DevSecOps is no easy feat. There are so many ways to automate security across the SDLC, that it can become overwhelming quickly. That's why we created DevSecOps Reference Architecture
Read More...