Another SolarWinds? The latest software supply chain attack on 3CX

By Luke Mcbride on April 06, 2023 Software Supply Chain

6 minute read time

Get insights on the recent 3CX software supply chain attack and the growing importance of effective dependency management to protect against cyberattacks.

Cyber-readiness and changing federal government SBOM requirements

By Cate Richards on March 27, 2023 News and Views

6 minute read time

Upcoming regulatory changes will move from software transparency toward better addressing cyber-readiness at the federal level and beyond.

2023 predictions: What will happen in software supply chain governance?

By Luke Mcbride on January 09, 2023 Software Supply Chain

8 minute read time

A look at what we're expecting in the coming year, including open source security, software supply chain attacks, regulation, DevOps, and more.

Setting boundaries: How procurement relates to security (Part 1)

By Michael Griffin on August 24, 2022 News and Views

4 minute read time

Whether your organization calls it purchasing, requisition, bidding, or business operations, not managing what comes into your company can be expensive.

A clear path forward toward more secure and maintainable open source software

By Brian Fox on May 13, 2022 featured

7 minute read time

Sonatype CTO shares thoughts following conversations, led by OpenSSF, where industry and government came together to discuss securing open source software.

Open source and diversity in tech: Women@Sonatype

By Luke Mcbride on March 08, 2022 Women in Tech

8 minute read time

Celebrating International Women's Day (March 8), the Women@Sonatype group discusses community, recruiting, onboarding, inclusion, and beyond.

Why companies should contribute to open source – and how to do it

By Matt Freeland on February 03, 2022 Community

7 minute read time

Your company relies on open source projects; giving back to them can reduce tech debt, accelerate innovation, and reduce your developers’ cognitive load. 

A non-programmer introduction to the software supply chain (Electron)

By Luke Mcbride on October 14, 2021 Software Supply Chain

3 minute read time

Connecting the software industry's broad use of component programs to something most people have on their machine right now: the Electron framework.

Software supply chains: An introductory guide

By Luke Mcbride on October 08, 2021 Open Source

8 minute read time

Take a closer look at the software supply chain, including what it contains, why it’s important, and how to protect it from vulnerabilities.