Sonatype Blog

Four Common Security Acronyms Explained

By DJ Schleen on March 02, 2020 security
SAST, DAST, CSA, OSSM, SCA? What do these acronyms mean, what exactly do they do, and why does it matter?

For Distributed Teams, It’s Not All About the Tools

By Mark Kilby on February 26, 2020 Teamwork
A great distributed team starts with people with strong collaboration skills. The team needs time to understand each other's preferences to deliver value.

Gartner: You Must Assess Overall Software Health and Welfare

By Katie McCaskey on February 24, 2020 Gartner
Gartner reports that mature organizations are expanding open-source management to include health assessment by default.

The “Big Hack” That Actually Happened - Chinese Military Implicated in Equifax Breach

By Matt Howard on February 11, 2020 vulnerabilities
Members of the Chinese Military were implicated in the attack on Equifax's software supply chain. It's time to take software supply chain hygiene seriously.

Tara Hernandez Talks Code Rush, Google, DevOps

By Mark Miller on October 29, 2019 DevOps in the Cloud
Tara Hernandez reflects on her time at Netscape in 1998, how that experience informs her present work, and what DevOps trends continue to evolve.

What Developers Need to Know About WhatsApp's Recent Security Dilemma

By Katie McCaskey on October 08, 2019 AppSec
Sonatype issues an Advisory Deviation Notice for CVE-2019-11932, a vulnerability that exploits processor memory and recently affected WhatsApp.

Sonatype Hosts Global Gatherings of DevSecOps Leaders and Innovators

By Katie McCaskey on October 04, 2019 thought leaders
October is dedicated to intimate gatherings of DevSecOps professionals, thought leaders, and decision makers in cities across North America and Europe.

Security Should Stop Being a Drag

By DJ Schleen on September 06, 2019 deployment
An application should withstand automated, manual, or user testing. Security vulnerabilities, although extremely important, are in reality non-functional.

NIST Proposes Standards to Secure Government SDLC

NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.