Featured Article

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

White House National Cybersecurity Strategy: Landmark Action for a Critical Threat

By Brian Fox on March 02, 2023 Cybersecurity

5 minute read time

The Biden administration announced a new, historic National Cybersecurity Strategy calling for cybersecurity liability and increased investment.
Read More...
Hand holding a gear
READ MORE

2023 Predictions: What Will Happen in Software Supply Chain Governance?

By Luke Mcbride on January 09, 2023 Software Supply Chain

8 minute read time

A look at what we're expecting in the coming year, including open source security, software supply chain attacks, regulation, DevOps, and more.
Read More...
READ MORE

Wicked Good Development: Key Takeaways From the State of the Software Supply Chain Report

By Kadi Grigg on November 17, 2022 Software Supply Chain

3 minute read time

Jump into to these four bonus episodes to find highlights and critical takeaway's from Sonatype's 8th Annual State of the Software Supply Chain Report.
Read More...
READ MORE

Rule Over Your Dependencies and Scan at Your Own Open Source Risk

By Aaron Linskens on September 13, 2022 vulnerabilities

5 minute read time

A good way to make sure that your organization's vulnerabilities don't go unnoticed is conducting regular scans of open source used in your environments.
Read More...
Standard Wicket Good Development headline image
READ MORE

Wicked Good Development Episode 11: Vulnerability Drills - The Intention, Habit, and Impact

By Kadi Grigg on July 01, 2022 Software Supply Chain

27 minute read time

To prepare for the unexpected, check your code and run vulnerability drills to create muscle memory for engineering teams and build better software.
Read More...
Standard Wicket Good Development headline image
READ MORE

Wicked Good Development Episode 10: The Evolution of Supply Chain Attacks

By Kadi Grigg on June 14, 2022 Software Supply Chain

22 minute read time

This episode looks at how fraud detection and supply chain attacks are similar, the data science behind these systems, and developer behavior.
Read More...
Stylistic image of molecule chains
READ MORE

A Non-Programmer Introduction to the Software Supply Chain (Electron)

By Luke Mcbride on October 14, 2021 Software Supply Chain

3 minute read time

Connecting the larger use by the software industry of component programs to something most people have on their machine right now: The Electron Framework.
Read More...
US President Biden calls for comprehensive reviews of software supply chains.
READ MORE

White House Releases Executive Order on America's Software Supply Chains

By Derek Weeks on February 25, 2021 secure software supply chain

2 minute read time

Following recent SolarWinds attacks on multiple government agencies, US President Biden calls for comprehensive reviews of software supply chains.
Read More...
READ MORE

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain

3 minute read time

Containers and automated tools create new opportunities for software supply chains and opensource governance as well as system security. DevSecOps, application and system security are all visible in
Read More...