Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
animal-farming-animals-farm-66627-1-1
READ MORE

To Succeed, DevSecOps Must Actually Include DevOps

By Derek Weeks on January 07, 2019 devsecops

5 minute read time

Before implementing any DevSecOps tools, you have to embrace that DevSecOps is disruptive to the entire security tool landscape.
Read More...
Enlightenment2
READ MORE

The Path of DevOps Enlightenment for Infosec

By Derek Weeks on November 20, 2018 Devops

4 minute read time

Can security, as an industry, rise to the demands of DevOps? Is the DevOps culture able to handle security and all of its baggage? At this year's Nexus User.
Read More...
jan-meeus-618862-unsplash-1
READ MORE

How to Deploy a Jenkins Cluster on AWS as Part of a Fully Automate CI/CD Platform

By Mohamed Labouardy on November 05, 2018 jenkins

11 minute read time

Following his Nexus User Conference talk on how to build a fully automated CI/CD platform on AWS, using Terraform, Packer & Ansible, Mohamed Labouardy goes.
Read More...
Chess Updated
READ MORE

5 Quick Wins for Securing Continuous Delivery

By Derek Weeks on October 04, 2018 Continuous Delivery

6 minute read time

At the 2018 Nexus User Conference, Jim Bird, CTO of BiDS Trading, laid out 5 quick ways to secure continuous delivery.
Read More...
GettyImages-908635662-1
READ MORE

A DevSecOps Journey at a Dutch Bank

By Derek Weeks on October 03, 2018 devsecops

3 minute read time

This is the story of ABN AMRO’s DevSecOps journey - as told by Stefan Simenon and Widbe de Roos at the 2018 Nexus User Conference.
Read More...
My Post (5)-1
READ MORE

A Simply Brilliant Way to Improve the Security Pipeline

By Derek Weeks on September 06, 2018 Nexus IQ

2 minute read time

Kaiser Permanente's Xin Xu shares how his team eliminates vulnerable libraries before they ever enter the DevOps pipeline, using Nexus.
Read More...
plane-2633883_1920
READ MORE

How-to Roll Out Nexus in a Large Organization

By Derek Weeks on August 22, 2018 Nexus Repository

4 minute read time

What does it take to roll-out Nexus in a large organization? Not just any organization, an international one such as Delta Airlines.
Read More...