
Sonatype Blog

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management


[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management


Bash 2014 - This Is Not a Party

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and


Skeleton Key

A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of

11,000 Voices

This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending the event, I am really excited to be leading a panel discussion at the
