Mastering SBOMs: Best practices

By Keiana King on February 06, 2024 Development strategy

2 minute read time

Check out Sonatype's recent webinar that sheds light on the importance of software bills of materials (SBOMs) in software development.

What constitutes a software supply chain attack?

By Ax Sharma on August 03, 2021 vulnerabilities

7 minute read time

ENISA feels the term software supply chain attack is overused, so what does constitute a supply chain attack?

Kaseya ransomware: A software supply chain attack or not?

By Matt Howard on July 06, 2021 vulnerabilities

5 minute read time

As companies scramble to address and resolve this devastating attack, we look at what makes a supply chain and what it takes to address upstream attacks.

Biden executive order on cybersecurity calls for enhanced software supply chain security

3 minute read time

Biden's Cybersecurity Executive Order mandates software supply chain security and secure development practices, including creating a software bill of materials.

The SolarWinds software supply chain attack: How developers can protect applications

By Derek Weeks on December 22, 2020 vulnerabilities

8 minute read time

The SolarWinds software supply chain attack has made it clear that open source developers need to act now and intelligently manage third party dependencies to.

Want to Understand Software Supply Chains? Ask Red Hat

By Matt Howard on September 01, 2017 Red Hat

1 minute read time

Want to learn about automating and scaling modern software supply chains? Ask our friends at Red Hat. They know what they're talking about.

Internet of Things Cybersecurity Improvement Act of 2017

By Derek Weeks on August 01, 2017 open source governance

4 minute read time


2017 State of the Software Supply Chain Report

By Wayne Jackson on July 17, 2017 Docker

2 minute read time

Today, Sonatype introduces its third annual State of the Software Supply Chain report.