Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

From Burping to Flying - Red Teaming with Nexus at Intuit

By Mark Henke on May 24, 2019 devsecops
Security is too important to leave out of DevOps. Learn why, and how to unite the two, from Shannon Lietz's 2018 Nexus User Conference session.

The DevSecOps Equilibrium

By Derek Weeks on May 22, 2019 devsecops
Is their tension in your organization between sec, ops, and dev? In his All Day DevOps chat, Chris Corriere talks about finding the DevSecOps Equilibrium.

Alexa: What’s the Future of Cyber Security?

By Katie McCaskey on May 02, 2019 devsecops
The software supply chain connects everyone and everything but attacks to this connected web can be blatant and overt, with damaging consequences - especially within the federal government.

Malicious Attacks On Open Source Are Going to Get Worse: Developers Need to Take Notice

By Sonal Thawani on April 19, 2019 vulnerability
Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault, allowing hackers to poison the well, is going to get

40 DevSecOps Reference Architectures To Learn From

By Janie Gelfond on April 04, 2019 devsecops
Scaling DevSecOps is no easy feat. There are so many ways to automate security across the SDLC, that it can become overwhelming quickly. That's why we created DevSecOps Reference Architecture

Why You Need DevSecOps and Artifact Repositories

By Derek Weeks on March 26, 2019 artifact repository
In her talk at the 2018 Nexus User Conference, Helen Beal, DevOpsologist at Ranger 4, discusses artifact repositories and their role in the DevSecOps toolchain

DevSecOps Community Survey: Meet the Winner

By Janie Gelfond on March 15, 2019 devsecops
Meet one of the winners from the DevSecOps Community Survey: Brian McClung, Director of Deployment and Integration at Ericsson.

26% Acknowledge a Web Application Breach in 2019

By Derek Weeks on February 12, 2019 OSS governance
Following news that a hacker breached 16 sites via security vulnerabilities within web applications, we're sharing new insight from the 2019 DevSecOps Community Survey - 26% of respondents said they

To Succeed, DevSecOps Must Actually Include DevOps

By Derek Weeks on January 07, 2019 devsecops
Before implementing any DevSecOps tools, you have to embrace that DevSecOps is disruptive to the entire security tool landscape. Too many tools are just lipstick on a pig.