Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
GettyImages-670953786
READ MORE

DevSecOps Elite and Their Reference Architecture

By Katie McCaskey on October 25, 2019 devsecops

3 minute read time

Derek Weeks and DJ Schleen provide insights into the practices and toolsets used by DevSecOps professionals. Watch their DevOps World presentations here.
Read More...
GettyImages-1058615028
READ MORE

Take This Interactive DevSecOps Reference Architecture For a Test Drive

By Katie McCaskey on August 30, 2019 reference architecture

2 minute read time

An interactive DevSecOps reference architecture illustrates manual and automated processes, plus interactions between systems, stakeholders, and security.
Read More...
GettyImages-185786871
READ MORE

What is the Definition of DevSecOps?

By Ember DeBoer on June 11, 2019 devsecops

6 minute read time

DevSecOps protects the software supply chain, from initial open source component selection to building, staging, and releasing an application. What is it?
Read More...
GettyImages-992091590-1
READ MORE

Nexus Intelligence Insights: CVE-2019-0232 - Apache Tomcat CGI Servlet Remote Code Execution

By Elisa Velarde on April 26, 2019 vulnerability

3 minute read time

Learn about a very popular component used by developers worldwide. Say hello to CVE-2019-0232, a remote code execution vulnerability.
Read More...
GettyImages-926689776
READ MORE

40 DevSecOps Reference Architectures To Learn From

By Janie Gelfond on April 04, 2019 devsecops

1 minute read time

Scaling DevSecOps is no easy feat. There are so many ways to automate security across the SDLC, that it can become overwhelming quickly.
Read More...