Featured Article

python-dateutils—A Cryptominer in Disguise Targeting Windows, Linux, macOS

By Ax Sharma on June 29, 2022 vulnerabilities

We analyze a suspicious 'python-dateutils' PyPI package targeting Python developers to mine cryptocurrency after infecting their Windows, macOS or Linux systems.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

OWASP Top 10 Overview

By Erik Dietrich on June 22, 2020 OWASP

4 minute read time

Caroline Wong is a Chief Strategy Officer who teaches the OWASP Top 10. She uses memorable analogies to explain all ten.
Read More...
READ MORE

DevOps Assurance with OWASP SAMM

By Guillermo Salazar on June 02, 2020 OWASP

4 minute read time

SAMM v2 follows three levels of maturity. Maturity levels 1 through 3 are similar to what, in other models, are known as crawling, walking, and running.
Read More...
READ MORE

The OWASP ZAP HUD

By Omkar Hiremath on May 26, 2020 vulnerabilities

4 minute read time

ZAP is an open-source web application scanner and OWASP flagship project. Use ZAP to find vulnerabilities. Security expert Simon Bennetts demonstrates.
Read More...
READ MORE

OWASP Top 10 Introduction with Caroline Wong [VIDEO]

By Zack Conord on April 14, 2020 OWASP

1 minute read time

Caroline Wong shares her perspective on which OWASP Top 10 is particularly relevant today with so many professionals working from home.
Read More...
READ MORE

OWASP Security Knowledge Framework

By Daniel Longest on March 24, 2020 security

4 minute read time

OWASP's security knowledge framework (SKF) is a method to help web and app developers establish best practices at each stage of product development.
Read More...
GettyImages-1075234744-1
READ MORE

DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP

3 minute read time

The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...
Kevin Green - Featured Image
READ MORE

HackNYC 2018: Preview with Kevin E. Greene [Podcast]

By Mark Miller on February 07, 2018 OWASP

1 minute read time

Kevin Greene is on the organizing committee for HackNYC, helping to organize talks and sessions around protecting and securing our national infrastructure.
Read More...
Bill Curtis - Featured Image - v02
READ MORE

HackNYC 2018: Preview with Dr. Bill Curtis [Podcast]

By Mark Miller on February 01, 2018 OWASP

1 minute read time

In May, at HackNYC 2018 in New York City, Dr. Bill Curtis' team of Tracie Gerardi and Lev Lesokhin will deliver a presentation on putting an end to "Technical Debt".
Read More...
Thoughts on Security
READ MORE

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

By Mark Miller on January 15, 2018 OWASP

1 minute read time

A conversations about government vs public software security, the OWASP Top 10 and common security patterns in large scale projects.
Read More...
Twitter LinkedIn Facebook YouTube GitHub
Products
Free Tools
Solutions
Resources
Customer Portal
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759

Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102

Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia

London Office -168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Modern Slavery Statement    Event Terms and Conditions   Do Not Sell My Personal Information