Wicked Good Development Episode 22: Fall 2022 Maven Central Updates

By Kadi Grigg on December 02, 2022 Community

16 minute read time

Get the latest Maven Central updates, how we're addressing pain points, and the latest features that make Maven more unified and powerful than before. 
Read More...

The Top 10 2022 All Day DevOps Sessions

By Sonatype on November 23, 2022 events

2 minute read time

ADDO 2022 featured 180 speakers across six tracks, but these 10 sessions drew in the most viewers. Register to watch the top sessions and more.
Read More...

Wicked Good Development Episode 21: James McLeod Shares His Journey to FINOS and Beyond

By Kadi Grigg on November 21, 2022 Community

26 minute read time

James McLeod, Director of Community for FINOS, talks about his journey and working closely with some of the world’s largest banks and cloud providers
Read More...

Wicked Good Development: Key Takeaways From the State of the Software Supply Chain Report

By Kadi Grigg on November 17, 2022 Software Supply Chain

3 minute read time

Jump into to these four bonus episodes to find highlights and critical takeaway's from Sonatype's 8th Annual State of the Software Supply Chain Report.
Read More...

What do Log4Shell and a Global Pandemic Have in Common?

By Theresa Mammarella on November 15, 2022 AppSec

4 minute read time

A look at development through the lens of weddings, including long-term planning, contingencies, and disasters. A video talk from this years DEVOXX.
Read More...

Open Source Basic Practices for Higher Quality Code to Fundamentally Strengthen Your Project

By Aaron Linskens on November 09, 2022 Open Source

8 minute read time

A look at some basic practices for higher quality code to help fundamentally strengthen your project.
Read More...

What the OpenSSL Vulnerabilities Are…and Aren't (CVE-2022-3786 & CVE-2022-3602)

By Eddie Knight on November 01, 2022 Known Vulnerabilities

4 minute read time

It’s been a week since we were warned about the OpenSSL vulnerability. We're here to help you understand what this vulnerability is and what it is not.
Read More...

This Week in Malware - Over 70 Packages Discovered

By Aaron Linskens on October 28, 2022 vulnerabilities

2 minute read time

This week, we discovered and analyzed six dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
Read More...

A New OpenSSL Vulnerability Is Coming - Get Ready to Patch

By Ilkka Turunen on October 26, 2022 News

3 minute read time

On Tuesday 1st of November, between 1-5pm UTC a new version of the widely adopted OpenSSL 3.x series will be released for general consumption.
Read More...