Featured Article

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma

By Ilkka Turunen on April 01, 2024 Software Supply Chain

Learn about a new, targeted backdoor supply chain attack against the popular XZ compression utility seen in many Linux distributions such as fedora and debian. Understand its impact, potential risks

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Embracing the AI revolution: Navigating the impact on developers

By Aaron Linskens on March 04, 2024 Software Supply Chain

4 minute read time

Explore Sonatype's whitepaper, The Effects of AI on Developers, highlighting the challenges, opportunities, and transformative effects generative AI.
Read More...
READ MORE

Introducing our 9th annual State of the Software Supply Chain report

By Aaron Linskens on October 03, 2023 open source security

5 minute read time

Sonatype announces the arrival of our 9th annual State of the Software Supply Chain report that explores open source security, industry trends, and more.
Read More...
Stylized Sonatype logo and article name
READ MORE

Introducing our 8th annual State of the Software Supply Chain

2 minute read time

Announcing the arrival of our 8th Annual State of the Software Supply Chain Report looking at managing open source security, industry trends, and more.
Read More...
READ MORE

2021 State of the Software Supply Chain: Open source software security and dependency management take center stage

By Matt Howard on September 15, 2021 Open Source

3 minute read time

As Open Source Continues to Fuel Digital Transformation, Sonatype's 2021 Software Supply Chain Report Reveals Important Trends
Read More...
Digitally created cloud
READ MORE

Cloud security concerns in 2021

By Kevin Miller on August 05, 2021 cloud

2 minute read time

Cloud environments are growing in complexity, and challenging those responsible for keeping environments secure.
Read More...
2020 State of the Software Supply Chain
READ MORE

Introducing our 2020 State of the Software Supply Chain report

2 minute read time

Sonatype's 2020 State of the Software Supply Chain Report shows that faster innovation and better risk management do not have to be mutually exclusive.
Read More...
READ MORE

Happy Developers Produce More Secure Software, Better Business Outcomes

By Derek Weeks on April 07, 2020 vulnerabilities

3 minute read time

The 2020 DevSecOps Community Survey confirms correlations between DevSecOps culture and practices, and their influence on motivation and job satisfaction.
Read More...
GettyImages-849023956
READ MORE

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

By Katie McCaskey on August 05, 2019 open source governance

3 minute read time

Toyota developed a vehicle production framework, still in use today, that shapes contemporary software supply chain management, too.
Read More...
blur-codes-coding-577585
READ MORE

What 36,000 OSS Projects and 12,000 Commercial Dev Teams Taught Us About Secure Coding Practices

By Derek Weeks on June 25, 2019 devsecops

2 minute read time

Our 2019 State of the Software Supply Chain Report Reveals Best Practices From 36,000 OSS Dev Teams and 12,000 commercial software engineering teams.
Read More...