Skip Navigation

How DevOps evolved into DevSecOps: Embracing security in software development

By Aaron Linskens on February 09, 2024 devsecops

3 minute read time

Understand how DevOps and DevSecOps are crucial to optimize software development and ensure security is not an afterthought in an SDLC.
Read More...

DevSecOps maturity model: A beginner's guide

By Aaron Linskens on January 26, 2024 devsecops

6 minute read time

Explore the concept of a maturity model within the context of DevSecOps which serves as a guide to fortify security practices within software development.
Read More...

DevSecOps tools: A beginner's guide

By Aaron Linskens on January 05, 2024 Open Source

6 minute read time

Explore categories of DevSecOps tools and their distinct use cases and roles in reshaping modern software development practices
Read More...

Protecting software developers from malware with AI/ML insights

By Mandeep Singh on April 20, 2023 featured

5 minute read time

Developer-targeted malware is a complex and difficult problem. A look at what tools and information are needed to reduce risk in your development pipeline.
Read More...

SCA and SAST: What do they do and how can they help developers like you?

By Theresa Mammarella on January 03, 2023 AppSec

5 minute read time

SCA and SAST tools help DevSecOps teams and application developers work together to identify vulnerabilities and improve security.
Read More...

What do Log4Shell and a global pandemic have in common?

By Theresa Mammarella on November 15, 2022 AppSec

4 minute read time

A look at development through the lens of weddings, including long-term planning, contingencies, and disasters. A video talk from this years DEVOXX.
Read More...

The magic behind over 101,000 Malicious packages discovered and blocked

By Chris Good on November 08, 2022 Product

3 minute read time

A look at how Sonatype software is protecting development teams and software with the industry-leading tools.
Read More...

Setting boundaries: How procurement relates to security (Part 1)

By Michael Griffin on August 24, 2022 News and Views

4 minute read time

Whether your organization calls it purchasing, requisition, bidding, or business operations, not managing what comes into your company can be expensive.
Read More...

What constitutes a software supply chain attack?

By Ax Sharma on August 03, 2021 vulnerabilities

7 minute read time

ENISA feels the term software supply chain attack is overused, so what does constitute a supply chain attack?
Read More...