Three DevSecOps Lessons Drawn From Conversations With 45 CISOs

By Matt Howard on January 29, 2020 CISO

3 minute read time

CISOs reduce risk and significantly improve an organization's IT security posture by shifting more resources to the beginning of the digital supply chain.
Read More...

How to Use Sonatype OSS Index to Identify Security Vulnerabilities

By Casey Dunham on January 09, 2020 github

8 minute read time

OSS Index enables developers to quickly find vulnerabilities in any library with an easy-to-use search feature. Learn more, and how to access the plugins.
Read More...

Why You Need a Software Bill of Materials More Than Ever

By Katie McCaskey on December 05, 2019 software bill of materials

5 minute read time

Enterprises need to know what open source components are in their software at all times. If you don't have a software bill of materials, you're already behind.
Read More...

Nexus Lifecycle Now Integrates With Red Hat Clair to Secure Containers Across the SDLC

By Michelle Dufty on November 25, 2019 featured

2 minute read time

Sonatype is automating container security via an open API that makes it easy for third-party container scanners to integrate with Nexus Lifecycle - starting.
Read More...

5 Ways Your Organization Benefits from DevSecOps

By Ax Sharma on November 14, 2019 devsecops

4 minute read time

It's important to understand why DevSecOps matters in this day and age of security breaches and what the pragmatic benefits are for your organization.
Read More...

DevSecOps Elite and Their Reference Architecture

By Katie McCaskey on October 25, 2019 devsecops

3 minute read time

Derek Weeks and DJ Schleen provide insights into the practices and toolsets used by DevSecOps professionals. Watch their DevOps World presentations here.
Read More...

How The Unicorn Project Aligns With The Phoenix Project

By Mark Miller on October 18, 2019 books

2 minute read time

In this podcast Gene Kim, author of The Phoenix Project, discusses his new book, The Unicorn Project.
Read More...

DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP

3 minute read time

The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...

Sonatype Hosts Global Gatherings of DevSecOps Leaders and Innovators

By Katie McCaskey on October 04, 2019 thought leaders

4 minute read time

October is dedicated to intimate gatherings of DevSecOps professionals, thought leaders, and decision makers in cities across North America and Europe.
Read More...