Skip Navigation

Getting Started with Sonatype Vulnerability Analysis

By Omkar Hiremath on March 26, 2020 vulnerabilities

7 minute read time

Sonatype Vulnerability Scanner is a free tool that scans your application for vulnerabilities and reports on its analysis.
Read More...

OWASP Security Knowledge Framework

By Daniel Longest on March 24, 2020 security

4 minute read time

OWASP's security knowledge framework (SKF) is a method to help web and app developers establish best practices at each stage of product development.
Read More...

Four Common Security Acronyms Explained

By DJ Schleen on March 02, 2020 security

4 minute read time

SAST, DAST, CSA, OSSM, SCA? What do these acronyms mean, what exactly do they do, and why does it matter?
Read More...

What Does the New CVSS 3.1 Scoring Model Mean for Enterprise Security?

By Ax Sharma on February 17, 2020 vulnerabilities

3 minute read time

Learn how CVSS 3.1 is different from earlier versions and why changes to this security rating matters.
Read More...

Are You a Fool With a Tool?

By DJ Schleen on November 22, 2019 security

3 minute read time

Buckminster Fuller cautioned against prioritizing tools. DevOps should always include discussions of culture, strategy, and process for the best outcomes.
Read More...

Why Does Security Matter For DevOps?

By Derek Weeks on October 01, 2019 security

4 minute read time

Caroline Wong (@CarolineWMWong) explains why organizations that use DevOps are 2X more likely to succeed than peers.
Read More...

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

By Katie McCaskey on September 13, 2019 security

2 minute read time

The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security

2 minute read time

Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

Blue by Default

By Katie McCaskey on July 29, 2019 security

3 minute read time

Aubrey Stearn (@auberryberry) explains DevOps security approach Blue by Default. Security practices move prior to testing and delivery to ensure focus.
Read More...