Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

OWASP Top 10 Overview

By Erik Dietrich on June 22, 2020 OWASP
Caroline Wong is a Chief Strategy Officer who teaches the OWASP Top 10. She uses memorable analogies to explain all ten.
Read More...

DevOps Assurance with OWASP SAMM

By Guillermo Salazar on June 02, 2020 OWASP
SAMM v2 follows three levels of maturity. Maturity levels 1 through 3 are similar to what, in other models, are known as crawling, walking, and running.
Read More...

The OWASP ZAP HUD

By Omkar Hiremath on May 26, 2020 vulnerabilities
ZAP is an open-source web application scanner and OWASP flagship project. Use ZAP to find vulnerabilities. Security expert Simon Bennetts demonstrates.
Read More...

OWASP Top 10 Introduction with Caroline Wong [VIDEO]

By Zack Conord on April 14, 2020 OWASP
Caroline Wong shares her perspective on which OWASP Top 10 is particularly relevant today with so many professionals working from home.
Read More...

OWASP Security Knowledge Framework

By Daniel Longest on March 24, 2020 security
OWASP's security knowledge framework (SKF) is a method to help web and app developers establish best practices at each stage of product development.
Read More...

DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP
The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...

HackNYC 2018: Preview with Kevin E. Greene [Podcast]

By Mark Miller on February 07, 2018 OWASP
Kevin Greene is on the organizing committee for HackNYC, helping to organize talks and sessions around protecting and securing our national infrastructure.
Read More...

HackNYC 2018: Preview with Dr. Bill Curtis [Podcast]

By Mark Miller on February 01, 2018 OWASP
In May, at HackNYC 2018 in New York City, Dr. Bill Curtis' team of Tracie Gerardi and Lev Lesokhin will deliver a presentation on putting an end to "Technical Debt".
Read More...

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

By Mark Miller on January 15, 2018 OWASP
A conversations about government vs public software security, the OWASP Top 10 and common security patterns in large scale projects.
Read More...