Featured Article

More Than 200 Cryptomining Packages Flood npm and PyPI Registry

By Ax Sharma on August 19, 2022 vulnerabilities

More than 200 malicious packages have flooded npm and PyPI registries to install cryptominers on Linux hosts.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

DevSecOps: Better Software, Faster

By Derek Weeks on February 08, 2017 repository health check

3 minute read time

1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,000
Read More...
READ MORE

Rugged DevOps: Less Capture the Flag, More Teamwork

By Derek Weeks on February 22, 2016 governance

9 minute read time

I caught up with Chris Corriere at DEVNEXUS -- DevOps Engineer at AutoTrader -- to talk about his experiences in the realm of Rugged DevOps.
Read More...
READ MORE

Rugged DevOps: Survival is Not Mandatory

By Derek Weeks on January 25, 2016 Nexus solutions

4 minute read time

Deming, the patron saint of DevOps once advised, “It is not necessary to change. Survival is not mandatory.” To survive, application development teams are constantly pressured to deliver software

Read More...
READ MORE

Getting Rugged DevOps Right

By Derek Weeks on December 03, 2015 Nexus Lifecycle

4 minute read time

Getting Rugged DevOps Right
Read More...
READ MORE

We Lack Building Codes for Building Software Code [VIDEO]

By Mark Miller on June 15, 2015 Software Supply Chain

1 minute read time

At Josh Corman’s presentation during AppSecEU 2015, he brought up the analogy of buildings codes, those laws and regulations that mandate how architectural buildings are built. It’s the reason

Read More...
READ MORE

DevOps Leadership Series: Security at Velocity [Video]

By Derek Weeks on May 12, 2015 Software Supply Chain

1 minute read time

If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket. That’s because for many DevOps-centric organizations, application

Read More...
READ MORE

DevOps Leadership Series: Software Supply Chains [Video]

By Derek Weeks on May 05, 2015 RSA Conference

2 minute read time

Another theme that arose often during our recent “DevOps: Wine-ing, Not Whining” event was the importance of software supply chains. Every software development organization has a software supply

Read More...
READ MORE

DevOps Leadership Series 2015

By Derek Weeks on May 01, 2015 RSA Conference

1 minute read time

We recently hosted the 2nd annual “DevOps: Wine-ing, Not Whining” event in San Francisco to bring together a number of thought leaders and leading practitioners in the DevOps field. We traded stories

Read More...
Twitter LinkedIn Facebook YouTube GitHub
Products
Free Tools
Solutions
Resources
Customer Portal
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759

Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102

Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia

London Office -168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Modern Slavery Statement    Event Terms and Conditions   Do Not Sell My Personal Information