Featured Article

Hygiene for Open Source Software Is Now a PCI Requirement

By Matt Howard on February 19, 2019 News and Views

As we said last year, the software industry is failing to protect the public from data theft and misuse; motivating government officials, associations and

Read More...

3 Reasons Manual Policies Just Don’t Work

By Derek Weeks on June 10, 2014 Cyber Supply Chain Management and Transparency Act

The good news: you have an open source policy in place (on paper).

Read More...

An Open Discussion on Open Source Review Boards

By Derek Weeks on March 17, 2014 Sonatype Says

The recent FS-ISAC whitepaper, “Appropriate Software Security Control Types for Third Party Service and Product Providers”, reveals the majority of internal

Read More...

The Tipping Point: Human Speed vs. Machine Speed

By Derek Weeks on March 05, 2014 Sonatype Says

What can the financial services industry learn from the U.S. Department of Homeland Security? In this third segment of my blog series on open source

Read More...

Financial Services Organizations have Open Eyes on Open Source

By Derek Weeks on February 20, 2014 Component Lifecycle Management

Let me open your eyes to a tidal wave of change that has already flooded the development organizations across Financial Services and other industries:

Read More...

Sonatype Blog

Hygiene for Open Source Software Is Now a PCI Requirement

3 Reasons Manual Policies Just Don’t Work

An Open Discussion on Open Source Review Boards

The Tipping Point: Human Speed vs. Machine Speed

Financial Services Organizations have Open Eyes on Open Source