How to establish an open source program office

By Mark Henke on June 24, 2020 open source governance

3 minute read time

Develop an open source software program office to streamline use and compliance. By aligning goals with success metrics, the value of the office is clear.
Read More...

DevSecOps Leadership Forum: 500 Innovators Learning From Shared Experiences

By Matt Howard on May 14, 2020 Community

5 minute read time

This is a recap of experiences and insights shared at the 2020 DevSecOps Leadership Forum. On demand recordings of the event are now available for free.
Read More...

Gartner: Mitigate Risk by Hardening the Software Supply Chain

By Katie McCaskey on December 12, 2019 Sonatype Nexus

5 minute read time

As Gartner explains, key to mitigating open source risk, is a hardened software supply chain. But, where do you start?
Read More...

October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.

By Katie McCaskey on October 21, 2019 PCI

3 minute read time

As open source software grows, developers play a crucial role ensuring that cyber security threats are prevented, mitigated, and repaired.
Read More...

Nexus Lifecycle Now Integrates with Azure DevOps to Secure Software Supply Chains in the Cloud

By Michelle Dufty on October 11, 2019 Nexus Lifecycle

2 minute read time

The Nexus IQ Extension for Azure DevOps scans builds to identify open source security, license, or quality policy violations.
Read More...

A World of Infinite Choice in Open Source Software

3 minute read time

The 2019 Software Supply Chain Report explains the development environment we're all living in and what we can learn from exemplar dev teams.
Read More...

Achieving a Managed State Model For Your Software Supply Chain

3 minute read time

Secure software development processes share attributes with other human endeavors such as cooking, reading, and sports, says Santi Mulukutla of Sonatype.
Read More...

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain

3 minute read time

Containers and automated tools create new opportunities for software supply chains and opensource governance as well as system security.
Read More...

How a Software Bill of Materials Uncovers Known Vulnerabilities

3 minute read time

How a Software Bill of Materials Uncovers Known Vulnerabilities
Read More...