Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

How to Use Sonatype OSS Index to Identify Security Vulnerabilities

By Casey Dunham on January 09, 2020 github
OSS Index enables developers to quickly find vulnerabilities in any library with an easy-to-use search feature. Learn more, and how to access the plugins.
Read More...

Why You Need a Software Bill of Materials More Than Ever

By Katie McCaskey on December 05, 2019 software bill of materials
Enterprises need to know what open source components are in their software at all times. If you don't have a software bill of materials, you're already behind.
Read More...

Nexus Lifecycle Now Integrates with Red Hat Clair to Secure Containers Across the SDLC

By Michelle Dufty on November 25, 2019 featured
Sonatype is automating container security via an open API that makes it easy for third-party container scanners to integrate with Nexus Lifecycle - starting with Red Hat Clair.
Read More...

5 Ways Your Organization Benefits from DevSecOps

By Akshay 'Ax' Sharma on November 14, 2019 devsecops
It's important to understand why DevSecOps matters in this day and age of security breaches and what the pragmatic benefits are for your organization.
Read More...

DevSecOps Elite and Their Reference Architecture

By Katie McCaskey on October 25, 2019 devsecops
Derek Weeks and DJ Schleen provide insights into the practices and toolsets used by DevSecOps professionals. Watch their DevOps World presentations here.
Read More...

Make Sure to Cover Your Auth

By Derek Weeks on October 23, 2019 devsecops
Aditya Balapure (@adityabalapure) explores how authentication has evolved and makes recommendations for DevSecOps teams to improve their security.
Read More...

How The Unicorn Project Aligns with The Phoenix Project

By Mark Miller on October 18, 2019 books
In this podcast Gene Kim, author of The Phoenix Project, discusses his new book, The Unicorn Project. Gene talks about the overlap in storylines and why he chose to speak for software developers.
Read More...

DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP
The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...

Sonatype Hosts Global Gatherings of DevSecOps Leaders and Innovators

By Katie McCaskey on October 04, 2019 thought leaders
October is dedicated to intimate gatherings of DevSecOps professionals, thought leaders, and decision makers in cities across North America and Europe.
Read More...