Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Why Does Security Matter For DevOps?

By Derek Weeks on October 01, 2019 security
Caroline Wong (@CarolineWMWong) explains why organizations that use DevOps are 2X more likely to succeed than peers.
Read More...

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

By Katie McCaskey on September 13, 2019 security
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security
Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

Blue by Default

By Katie McCaskey on July 29, 2019 security
Aubrey Stearn (@auberryberry) explains DevOps security approach Blue by Default. Security practices move prior to testing and delivery to ensure focus.
Read More...

Free Software, But No Free Lunch

By Katie McCaskey on July 25, 2019 security
Today's threat surface is the software itself. How can Fortune 100 companies and others protect themselves? One security practice is counterintuitive.
Read More...

How are Federal Agencies Implementing DevOps & System Modernization

By Derek Weeks on November 29, 2016 security
Learn how the Department of Homeland Security (DHS) is leading the DevOps charge with a recent project to modernize mission-critical systems at USCIS.
Read More...

Intuit’s DevSecOps: War Games, Gamification, and Culture Hacking

By Derek Weeks on April 11, 2016 operations
Sit down with Shannon Lietz, Ian Allison, and Scott Kennedy from Intuit to learn about Rugged DevOps (some call in DevSecOps).
Read More...

Josh Corman on Keeping up with Hackers [CNBC VIDEO]

By Derek Weeks on August 11, 2015 blackhat

Josh Corman had a busy week at BlackHat last week. During the chaos, CNBC news caught up with him to talk about recent cyber attacks and what can be expected in the future.

Read More...

Bash 2014 - This Is Not a Party

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and

Read More...