One in Six Developers in Healthcare Report Open Source Breaches | Press Release

Sonatype Blog

Trust and Courage are Essential to a Strong Team Culture

By Keith Sprochi on July 02, 2020 leadership
A healthy work culture is invaluable. I think that the Sonatype culture has two main ingredients: trust and courage.

Custom Node Module Management using Private npm Registry Configured in Nexus Repository

By Nipun Thilakshan on June 17, 2020 How-To
How to configure a private npm registry in Sonatype Nexus Repository, and how to publish and consume custom Node.js modules in your projects.

Observability Made Easy with Synthetic Monitoring

By Erik Dietrich on June 16, 2020 python
A small number of apps disproportionately skewed aggregate metrics and sent false alarms. The solution was DIY synthetic monitoring using Python.

Using a Software Bill of Materials (SBOM) is Going Mainstream

Crazy: OWASP A9 is about to turn seven and the DevSecOps Community Survey shows less than half of organizations can produce a Software Bill of Materials.

Octopus Scanner Compromises 26 OSS Projects on GitHub

By Brian Fox on May 31, 2020 #OSSsecurity
The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new form of software supply chain attack targeting NetBeans projects.

UPDATE: 21 SaltStack Breaches with 2,900 Still Vulnerable

By Derek Weeks on May 31, 2020 vulnerabilities
When a vulnerability is announced in an open source project, ask immediately: have we ever used that open source component, and (if yes) where is it?

Accelerating Productivity, Digital Value Streams, and DevSecOps During COVID-19

By Katie McCaskey on May 29, 2020 devsecops
In the pilot episode of DevOps and Drinks from IDC, Reuben Athaide from Standard Chartered Bank shares his views on how COVID-19 is changing DevSecOps.

Cultural Approaches to Transformations

Marc Cluet has dedicated the last six years to helping organizations transform their culture and ways of working. Here are some of his observations.

Leadership Lessons: Adapting to an All Remote Workforce

By Katie McCaskey on May 01, 2020 leadership
COVID-19 demands more people work remotely. This All Day DevOps Spring Break keynote presentation explores the ways leaders must adapt.