“Each for Equal”: 2020 International Women’s Day Theme Resonates in DevSecOps Because It Is a Business Issue

“Equality is not a women’s issue, it’s a business issue.” — International Women’s Day website
International Women’s Day began in America in 1911; today, millions of people around the globe mark March 8 as a day of action t…

Nexus Innovator: Ken D’Auria of The Hartford

“DevSecOps: It works in theory… but does it work in practice?” — Anonymous
DevSecOps is such a new and evolving practice that it is helpful to hear from someone who can articulate, “Yes. DevSecOps works in theory, and in p…

Gartner: You Must Assess Overall Software Health and Welfare

Gartner’s recent report, Technology Insight for Software Composition Analysis, makes four open-source security recommendations that companies should think about when determining what type of software composition analysis program they want to …

Nexus Innovator: David Radford-Grant of Achievers

Everyone knows that when the boss is happy, you’re happy.
David Radford-Grant knows more about this than the average person, and for good reason. He is someone with a unique view into employee moods and behavior. That’s because, a…

Gartner: The Crucial Role of OSS License Compliance

Gartner’s report, Technology Insight for Software Composition Analysis, makes four recommendations to improve software security. The first is to ensure a software bill of materials (or SBOM) exists for every software application; an SBOM ill…

Gartner: Mitigate Risk By Hardening the Software Supply Chain

When molten steel is immersed in water it transforms into one of the world’s strongest materials. A resilient software supply chain is no different. Hardened steel requires combining alloys; a hardened software supply chain requires combinin…

Why You Need a Software Bill of Materials More Than Ever

Imagine that a new vulnerability in lodash was just announced. Applications using the npm package are being exploited through large-scale automated DoS attacks. You need to act quickly to understand if your organization’s systems are at risk…

“This is the New Op Model” – Why State Farm Sponsored ADDO, and the Results

Sonatype is among the many supporters of All Day DevOps (ADDO), the world’s largest conference for DevOps practitioners. Close to 40,000 people attended this year’s 24-hour event — and 10% of them were from one company. We spoke with …

Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year

If the topic is speed, the subject is Sonatype.
This week, Sonatype received another recognition in the form of Deloitte’s Technology Fast 500™ ranking, our fourth year on the list. The list recognizes the fastest growing technology, m…

October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.

October is National Cybersecurity Awareness Month (NCSAM). NCSAM is a joint effort between government and industry to raise awareness about cyber threats. This year, NCSAM highlights three areas where cyber security protections (or vulnerabil…