Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Implementing DevSecOps with 1,162 Apps

By Derek Weeks on April 22, 2019 devsecops
True DevSecOps includes breaking builds when vulnerable open source is found. But, implementing that level of precision is not an easy task. Hiep Tran from Capital Group, shares the process they wen
Read More...

Operating Without an OSS License? That Could Be Dangerous!

By Derek Weeks on April 17, 2019 Nexus Lifecycle
The intent of OSS licensing is to to make sure software can remain open source and freely used. But, some licenses contain requirements that could conflict with your business objectives - it's
Read More...

Full Lifecycle Container Security

By Derek Weeks on April 17, 2019 devsecops
As containers become a greater part of the DevOps pipeline, securing them is top of mind. John Morello, Twistlock CTO, shared thoughts at the 2018 Nexus User Conference on how-to secure them across
Read More...

Nexus Helps Cure Cancer

By Derek Weeks on April 05, 2019 Nexus Repository
At the 2018 Nexus User Conference, Sarah Elkins discussed how the National Cancer Institute uses Nexus Pro Repository Manager to help manage their applications securely and efficiently.
Read More...

Fannie Mae: Scaling the DevOps Enterprise

By Derek Weeks on April 02, 2019 devsecops
Fannie Mae has $100 B in annual revenue, over 7,200 employees, 468 applications and 1,200 software assets. Combine all of that with their unique role of being a government-sponsored, public entity -
Read More...

Why You Need DevSecOps and Artifact Repositories

By Derek Weeks on March 26, 2019 artifact repository
In her talk at the 2018 Nexus User Conference, Helen Beal, DevOpsologist at Ranger 4, discusses artifact repositories and their role in the DevSecOps toolchain
Read More...

2019 Nexus User Conference: CFP Now Open

By Janie Gelfond on March 19, 2019 Nexus User Conference
The second annual Nexus User Conference is on June 12. Submit to speak today.
Read More...

To Succeed, DevSecOps Must Actually Include DevOps

By Derek Weeks on January 07, 2019 devsecops
Before implementing any DevSecOps tools, you have to embrace that DevSecOps is disruptive to the entire security tool landscape. Too many tools are just lipstick on a pig.
Read More...

The Path of DevOps Enlightenment for Infosec

By Derek Weeks on November 20, 2018 Devops
Can security, as an industry, rise to the demands of DevOps? Is the DevOps culture able to handle security and all of its baggage? At this year's Nexus User Conference, James Wickett answered these
Read More...