Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
Standard Wicket Good Development headline image
READ MORE

Wicked Good Development Episode 10: The evolution of supply chain attacks

By Kadi Grigg on June 14, 2022 Software Supply Chain

22 minute read time

This episode looks at how fraud detection and supply chain attacks are similar, the data science behind these systems, and developer behavior.
Read More...
Standard Wicket Good Development headline image
READ MORE

Wicked Good Development Episode 9: Devnexus reflections and conversations Part 3

By Kadi Grigg on June 13, 2022 podcast

22 minute read time

This week, we finish up our round table discussion on Devnexus 2022 and interview two more developers who contribute to the open source community.
Read More...
Standard Wicket Good Development headline image
READ MORE

Wicked Good Development Episode 8: Devnexus reflections and conversations Part 2

By Kadi Grigg on May 31, 2022 podcast

22 minute read time

From a discussion at Devnexus 2022, a varied conversation about development and open source security from an open source maintainer and contributor.
Read More...
Standard Wicket Good Development headline image
READ MORE

Wicked Good Development Episode 7: Devnexus reflections and conversations Part 1

By Kadi Grigg on May 31, 2022 Community

19 minute read time

At our roundtable discussion on Devnexus 2022, we get a chance to interview two more developers who contribute to the open source community.
Read More...
Studio microphone framed my sound waves
READ MORE

Wicked Good Development Episode 6: The logic of code quality

By Kadi Grigg on April 22, 2022 code quality

23 minute read time

Wicked Good Development is defining code quality, how to measure it, and the best time to involve quality checks in the development process.
Read More...
Image of someone talking on a podcast
READ MORE

Wicked Good Development Episode 4: What is Spring4Shell? And why you should care

By Kadi Grigg on April 04, 2022 vulnerabilities

11 minute read time

In a special episode of Wicked Good Development we dissect the zero-day RCE vulnerability in the Spring Framework dubbed Spring4Shell or Springshell.
Read More...
podcast mic
READ MORE

Wicked Good Development Episode 2: Starting security left

By Kadi Grigg on February 18, 2022 Everything Open Source

24 minute read time

In today's episode of Wicked Good Development we're tackling the ongoing discussion about shifting security left - on how developers can become empowered.
Read More...
READ MORE

Wicked Good Development Episode 1: Cybersecurity experts talk Log4j, open source and more

By Kadi Grigg on February 04, 2022 Everything Open Source

34 minute read time

3 experts with different views on the world of software talk about the latest in development news. Today's episode: Log4j, White house and Open Source
Read More...
podcasts
READ MORE

The latest DevSecOps podcast playlist

By Katie McCaskey on July 01, 2020 devsecops

5 minute read time

The latest playlist of DevSecOps podcast episodes discuss open source vulnerabilities, security, culture, and more.
Read More...