How to Establish an Open Source Program Office

It feels like some people don’t have a strong understanding of open source. Some misunderstandings have come from working with open source in an environment filled with proprietary software. When the words “open” and “sourc…

DevSecOps Leadership Forum: 500 Innovators Learning from Shared Experiences

A week ago we hosted the North American DevSecOps Leadership Forum. It was an online event and an amazing experience in which we assembled 500+ software development, application security, and IT operations professionals to share experiences and le…

Gartner: Mitigate Risk By Hardening the Software Supply Chain

When molten steel is immersed in water it transforms into one of the world’s strongest materials. A resilient software supply chain is no different. Hardened steel requires combining alloys; a hardened software supply chain requires combinin…

October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.

October is National Cybersecurity Awareness Month (NCSAM). NCSAM is a joint effort between government and industry to raise awareness about cyber threats. This year, NCSAM highlights three areas where cyber security protections (or vulnerabil…

Nexus Lifecycle Now Integrates with Azure DevOps to Secure Software Supply Chains in the Cloud

As more and more software development teams move to the cloud, it is now more important than ever to ensure that only the best open source components make it into a final application. With a 71% increase in open source related breaches within the …

It Pays to Discover Sonatype

The name of the presentation says it all: Procure Secure Components Faster with Superior Developer Experience. So announced Karthik Loganathan and Sheshagiri (Giri) Rao of Discover at the annual DevOps World | Jenkins World conference.
T…

A World of Infinite Choice in Open Source Software

We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ever. Our goal? To qualify and quantify how exemplary developme…

Achieving a Managed State Model For Your Software Supply Chain

Santi Mulukutla, Customer Success Engineer at Sonatype, invites you to embrace ambiguity.
Building a successful software supply chain means developing a framework. Most importantly, that framework should be flexible and scalable. It should continu…