Sonatype Selected by Equifax to Support OS Governance Press Release

HackNYC 2018: Preview with Kevin E. Greene [Podcast]

By Mark Miller on February 07, 2018 dhs

Prior to his work as Principal Software Assurance Engineer at MITRE, Kevin E. Greene was R&D Program Manager for the Department of Homeland Security. He is

HackNYC 2018: Preview with Dr. Bill Curtis [Podcast]

By Mark Miller on February 01, 2018 HackNYC

In May, at HackNYC 2018 in New York City, Dr. Bill Curtis' team of Tracie Berardi and Lev Lesokhin will deliver a presentation on putting an end to

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

By Mark Miller on January 15, 2018 owasp top 10

Caroline Wong, Paula Thrasher and I were having lunch at DevOps Enterprise Summit when the conversation took an interesting turn. Paula and Caroline had

The OpenChain Project with Shane Coughlan [Podcast Interview]

By Mark Miller on January 12, 2018 OpenChain

The OpenChain Project identifies key recommended processes for effective open source management. The project builds trust in open source by making open

Nexus Firewall: Quality at Velocity

By Mike Hansen on November 17, 2015 nexus pro

The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality

DevOps Leadership Series: Security at Velocity [Video]

By Derek Weeks on May 12, 2015 OWASP

If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket. That’s because for many

What Happened Sept 16th?

We led an invasion last week armed with a flying drone, glowing lightsabers, and the latest knowledge on open source security vulnerabilities. Our mission?

"Wait! Wait! Don't pwn me!" from Black Hat 2014

By Mark Miller on August 14, 2014 OWASP

At the Black Hat 2014 Conference in Las Vegas, Mark Miller, Community Advocate for Nexus, and Executive Producer of the OWASP 24/7 Podcast Series, presented

FinSvcs Working Group (FS-ISAC) Takes on Open Source Components

Applications are becoming the primary security threat vector. Since applications are constructed from 3rd party components, there continues to be a tremendous
