How to Use Sonatype OSS Index to Identify Security Vulnerabilities
8 minute read time
OSS Index enables developers to quickly find vulnerabilities in any library with an easy-to-use search feature. Learn more, and how to access the plugins.
Read More...
A More Secure Web Needs Developers, Defenders, Advocates, and OSS
2 minute read time
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...
Anatomy of the RubyGems ‘rest-client’ Hack, and Getting Creative About Open Source Security
3 minute read time
Last month, the RubyGems strong_password component was breached and injected with malicious code.
Read More...
NIST Proposes Standards to Secure Government SDLC
3 minute read time
NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.
Read More...
DevOps: The Blue Ocean Tide is Rising
2 minute read time
The market for DevOps and DevSecOps automation is super hot. Here's why.
Read More...
Sonatype and Bamboo: Improving Your Builds
2 minute read time
Sonatype now provides native Atlassian Bamboo support to improve the quality of your build outputs.
Read More...
42,000 Nexus Repository Managers, and Growing!
6 minute read time
42,000 Nexus Repository Managers, and Growing!
Read More...
Who is Nigel Simpson? (Lessons of Open Source Governance)
1 minute read time
Who is Nigel Simpson? (Lessons of Open Source Governance)
Read More...
Securosis Dives Deep into our 2014 Survey
3 minute read time
There are two ways to motivate others to action: emotional appeal and fact based analysis.
Read More...