Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Take This Interactive DevSecOps Reference Architecture For a Test Drive

By Katie McCaskey on August 30, 2019 reference architecture
An interactive DevSecOps reference architecture illustrates manual and automated processes, plus interactions between systems, stakeholders, and security.
Read More...

What is the Definition of DevSecOps?

By Ember DeBoer on June 11, 2019 devsecops
DevSecOps protects the software supply chain, from initial open source component selection to building, staging, and releasing an application. What is it?
Read More...

Infrastructure as Code on AWS

By Katie McCaskey on May 31, 2019 devsecops
Managing infrastructure as artifacts of code, instead of hardware, is key to scaling software organizations. Review key AWS implementation tactics here.
Read More...

Nexus Intelligence Insights: CVE-2019-0232 - Apache Tomcat CGI Servlet Remote Code Execution

By Elisa Velarde on April 26, 2019 vulnerability
In this month's Nexus Intelligence Insights we discuss a very popular component used by developers worldwide. Say hello to CVE-2019-0232, a remote code execution vulnerability.
Read More...

40 DevSecOps Reference Architectures To Learn From

By Janie Gelfond on April 04, 2019 devsecops
Scaling DevSecOps is no easy feat. There are so many ways to automate security across the SDLC, that it can become overwhelming quickly. That's why we created DevSecOps Reference Architecture
Read More...