Meet an open source contributor: Sal Kimmich

By Ilkka Turunen on February 03, 2022 Everything Open Source

4 minute read time

Meet Sal Kimmich, one of the incredible open source contributors at Sonatype. Learn more about why and how they got into open source.

Meet an open source contributor: Jeffry Hesse

By Sal Kimmich on February 03, 2022 Everything Open Source

3 minute read time

Meet Jeffry Hesse, one of the incredible open source contributors at Sonatype.

Meet an open source contributor: Paul Horton

By Sal Kimmich on February 03, 2022 Everything Open Source

2 minute read time

Meet Paul Horton, one of the incredible open source contributors at Sonatype. Learn more about why he thinks more people should focus on Python.

How to establish an open source program office

By Mark Henke on June 24, 2020 open source governance

3 minute read time

Develop an open source software program office to streamline use and compliance. By aligning goals with success metrics, the value of the office is clear.

OSS Index contributor asks: Where 'R' you?

2 minute read time

Dr. Colin Gillespie, co-author of the book, Efficient R Programming, talks about contributing to open source software projects and using OSS Index.

NIST: Adopt a Secure Software Development Framework (SSDF) to mitigate risk of software vulnerabilities

2 minute read time

NIST recommends an SSDF framework to assess open source component cybersecurity risks, including an SBOM and automated security controls in the SDLC.

Community Updates: Nancy Has a New Ship, and Found oysteRs

By DJ Schleen on March 16, 2020 Docker

2 minute read time

Nancy checks for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index and Nexus IQ Server. Another community contribution is oysteR.

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

By Aditya Khanduri on February 20, 2020 Everything Open Source

6 minute read time

Jake, a free tool, identifies vulnerabilities in a Conda environment. It's simple to use, saves time, and empowers you to develop Python projects faster.

Gartner: The Crucial Role of OSS License Compliance

4 minute read time

Gartner's SCA recommendations include deep understanding of OSS licensing. Operating without license compliance, intentionally or not, invites peril.