Sonatype Hosts Global Gatherings of DevSecOps Leaders and Innovators

The month of October is dedicated to intimate gatherings of DevSecOps professionals, thought leaders, and decision makers in cities across North America and Europe.
Participants tell us that these forums and roundtables foster dynamic, collaborati…

The Dot Zero Conundrum and the New Frontier of Securing Open Source

Over the past two years, I’ve spoken about more than 20 instances of adversaries intentionally publishing malicious components into public open source and container repositories. Adversaries used these attacks to mine cryptocurrency, steal p…

Win a $100 Gift Card: Take a Brief Survey on Software Composition Analysis

Sonatype is building a software composition analysis tool for GitHub Actions and would love to understand your needs. If you are excited about GitHub Actions and looking for ways to understand the open source dependencies that make up your softwar…

Introducing a Better Way to Learn Sonatype Products

It’s not news that tech companies move at blazing speeds. In order to stay competitive, we are innovative, rapid in our deployments, and always thinking ahead. This breakneck pace of continuous improvement, feature releases, and updates are …

From Fast Company to Inc, Sonatype Continues Racking Up Notable Awards

Being a new employee is a lot like being the new kid at school. One of the first things you suss out is the difference between expectations and reality. Sometimes the gap is pretty disappointing. 
Other times, there isn’t a gap at all — in f…

Jobs As Code: Selecting the Best Tools and Deconstructing the CI/CD Pipeline

Who wants to mow the lawn with a pair of scissors? No one. Nothing compares to the ease of using the right tool for the job.

A Sort of a Homecoming – Why I Joined Sonatype

Switching employers is usually a difficult transition filled with complex emotions, fear, and anxiety. I haven’t had any of these feelings as I start my journey at Sonatype. The timing is right, the culture is right, the tools are right, and I hav…

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

What secrets did Toyota unlock decades ago that drive the success of today’s software supply chain?
Sonatype’s Matt Howard explained during a chat with Dave Bittner on an episode of The CyberWire Daily podcast.

Free Software, But No Free Lunch

“This is a very important issue. Enterprises are not taking necessary precautions,” our SVP of Strategy and Corporate Development, Bill Karpovich, noted when talking about Fortune 100 cybersecurity.