Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Improving DevSecOps at the GSA

By Derek Weeks on September 05, 2019 government
The General Service Administration shares how it adopted devops practices interagency in this presentation, Getting There: The Journey to Government DevOps.
Read More...

Continuous Authorization with DevSecOps

By Katie McCaskey on August 06, 2019 devsecops
Continuous Authentication is a dynamic process that examines attributes that change and continually validates them. Hasan Yasar explains the DevSecOps fit.
Read More...

DevOps at the US Patent and Trademark Office

By Katie McCaskey on July 18, 2019 devsecops
The US Patent and Trademark Office's Fee Processing Next Generation (FPNG) is an example of a government agency moving to a devops development environment.
Read More...

Alexa: What’s the Future of Cyber Security?

By Katie McCaskey on May 02, 2019 devsecops
The software supply chain connects everyone and everything but attacks to this connected web can be blatant and overt, with damaging consequences - especially within the federal government.
Read More...

From 0 to Accredited in 23 Days

By Derek Weeks on April 22, 2019 devops tools
DevSecOps in Government - What if there was a way to go from 0 to accredited in 23 days? Leonel Garciga from the DoD’s Joint Improvised Threat Defeat Organization shares how.
Read More...

The Weakest Link Might be Your Supply Chain: Just Ask The Pentagon

By Matt Howard on August 13, 2018 devsecops
Whether you’re talking about software applications, or national security, there is an imminent need to better understand who you’re doing business with, and what’s coming into your house.
Read More...

Cancer Sucks. DevOps Helps.

By Derek Weeks on January 17, 2018 github
Sara Elkins tells the story of how they are applying DevOps practices at the National Cancer Institute.
Read More...

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

By Mark Miller on January 15, 2018 OWASP
A conversations about government vs public software security, the OWASP Top 10 and common security patterns in large scale projects.
Read More...

DevSecOps in Government: How to Deploy It and Own It

By Derek Weeks on November 29, 2017 Continuous Delivery
DevSecOps requirements that need to be met by any specific implementation before it can be considered a Standard GSA DevSecOps Platform to used in conjunction with the CTO, Deputy CIO, and CISO to
Read More...