One in Six Developers in Healthcare Report Open Source Breaches | Press Release

Sonatype Blog

The Benefits of Remote Work Beyond Avoiding the Coronavirus (COVID-19)

By Mike Hansen on March 11, 2020 remote
The advantages we've realized with Sonatype's remote organization are evident. Here, lessons for anyone new to working from home to avoid the Coronavirus.

GDPR One Year On: Increasing Demand for "Security By Design"

GDPR's influence is becoming more and more evident in software development. What comes next for teams in the EU and elsewhere as the policy turns 1?

In the Dark about Software Supply Chain Vulnerabilities

By Matt Howard on May 16, 2019 vulnerability
The Barium attacks, revealed earlier this month, highlight new, pervasive tactics that are exceptionally dangerous.

Software Composition Analysis: A Matter of Perspective (and Experience)

The SCA market is young - leaving everyone wrestling with a critical question: is it a security-centric, developer-centric, or a legal-centric endeavor? At Sonatype, we believe it's all of the above.

Application Security Risk in 2019: It's All About The Supply Chain

By Matt Howard on December 28, 2018 AppSec
Cyber criminals are intentionally planting vulnerabilities directly into the global supply of open source components. Heading into 2019, organizations should learn how to run fast enough to harness

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 software bill of materials
On the 12th of December the Subcommittee on Oversight and Investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.

The Path of DevOps Enlightenment for Infosec

By Derek Weeks on November 20, 2018 Devops
Can security, as an industry, rise to the demands of DevOps? Is the DevOps culture able to handle security and all of its baggage? At this year's Nexus User Conference, James Wickett answered these

Inevitable: Earthquakes and Exploits

By Mike Hansen on November 15, 2018 AppSec
Earthquakes and open source vulnerabilities are both inevitable, unpredictable, and can be catastrophic. Sonatype's Mike Hansen talks about what earthquake preparedness can teach us about open source