What We Learned from Studying 36,000 OSS Projects | Press Release

Sonatype Blog

DevSecOps & Chaos Engineering: Knowing the Unknown

By Derek Weeks on September 04, 2019 software testing
Aaron Rinehart (@aaronrinehart) dives into chaos engineering: what it is, why you need it, and how you can implement it in your organization.

Why Software Composition Analysis (SCA) Demands Precision

Software Composition Analysis: Getting to the Signal Through the Noise, by 451 Research, demonstrates Sonatype's leadership in software composition analysis.

Steps to Responsible Disclosure with Bas van Schaik, Man Yue Mo and Brian Fox

By Mark Miller on March 20, 2018 Open Source
In this episode of the OWASP 24/7 Podcast Series, I speak with the research team at Semmle on how they discovered the Pivotal Spring framework vulnerability.

HackNYC 2018: Preview with Dr. Bill Curtis [Podcast]

By Mark Miller on February 01, 2018 OWASP
In May, at HackNYC 2018 in New York City, Dr. Bill Curtis' team of Tracie Gerardi and Lev Lesokhin will deliver a presentation on putting an end to "Technical Debt".

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

By Mark Miller on January 15, 2018 OWASP
A conversation about government vs. public software security, the OWASP Top 10, and common security patterns in large-scale projects.