Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

NIST: Adopt a Secure Software Development Framework (SSDF) to Mitigate Risk of Software Vulnerabilities

NIST recommends a SSDF framework to assess open source component cybersecurity risks, including an SBOM and automated security controls in the SDLC.
Read More...

Federal DevSecOps Leaders: It's Time to Join The Conversation

The DevSecOps Government Leadership Forum, typically hosted in Washington, D.C., will be hosted online so government leaders everywhere can participate.
Read More...

NIST Proposes Standards to Secure Government SDLC

NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.
Read More...

Cybersecurity Improvement Act of 2017:  The Ghost of Congress Past

A steady breeze is blowing from Washington DC that is nudging the software industry toward a future in which vendors will no longer be immune to liability.
Read More...

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...

Code, Cars, and Congress: A Time for Cyber Supply Chain Management

Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...