Why Companies Should Contribute to Open Source – and How to Do It

By Matt Freeland on February 03, 2022 Community

7 minute read time

Your company relies on open source projects; giving back to them can reduce tech debt, accelerate innovation, and reduce your developers’ cognitive load. 
Read More...

Beyond Coding: Changing Developer Roles

By Karin Althaus on August 27, 2021 DevOps Culture

9 minute read time

Developers are increasingly taking center-stage, assuming more responsibilities and tasks. But what does this mean for developers themselves?
Read More...

The Benefits of Remote Work Beyond Avoiding the Coronavirus (COVID-19)

By Mike Hansen on March 11, 2020 remote

3 minute read time

The advantages we've realized with Sonatype's remote organization are evident. Here, lessons for anyone new to working from home to avoid the Coronavirus.
Read More...

GDPR One Year On: Increasing Demand for "Security By Design"

3 minute read time

GDPR's influence is becoming more and more evident in software development. What comes next for teams in the EU and elsewhere as the policy turns 1?
Read More...

In the Dark about Software Supply Chain Vulnerabilities

By Matt Howard on May 16, 2019 vulnerability

2 minute read time

The Barium attacks, revealed earlier this month, highlight new, pervasive tactics that are exceptionally dangerous.
Read More...

Software Composition Analysis: A Matter of Perspective (and Experience)

2 minute read time

The SCA market is young - leaving everyone wrestling with a critical question: is it a security-centric, developer-centric, or a legal-centric endeavor? At Sonatype, we believe it's all of the above.
Read More...

Application Security Risk in 2019: It's All About The Supply Chain

By Matt Howard on December 28, 2018 AppSec

5 minute read time

Cyber criminals are intentionally planting vulnerabilities directly into the global supply of open source components. Heading into 2019, organizations should learn how to run fast enough to harness
Read More...

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 software bill of materials

5 minute read time

On the 12th of December the Subcommittee on oversight and investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.
Read More...

The Path of DevOps Enlightenment for Infosec

By Derek Weeks on November 20, 2018 Devops

4 minute read time

Can security, as an industry, rise to the demands of DevOps? Is the DevOps culture able to handle security and all of its baggage? At this year's Nexus User Conference, James Wickett answered these
Read More...