DevSecOps Elite and Their Reference Architecture

Who are members of the DevSecOps elite, and what tools do they use? And, why should you care? The Sonatype community has a few insights. Two Sonatypers shared insights at DevOps World | Jenkins World this past August - highlighting the importance of understanding what others are saying, to assess ... Read More

October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.

October is National Cybersecurity Awareness Month (NCSAM). NCSAM is a joint effort between government and industry to raise awareness about cyber threats. This year, NCSAM highlights three areas where cyber security protections (or vulnerabilities) affect everyday Americans: citizen privacy, consumer devices, and e-commerce ... Read More

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

What’s the best approach to secure vulnerabilities inside a Jenkins pipeline? Surprisingly, scale isn’t a consideration. Good security practices work whether you are talking about a personal project or an enterprise solution. Sonatype’s Justin Young (@whyjustin) took up the topic recently at Jenkins World. First, he outlined today’s ongoing technological ... Read More

Sonatype a Recognized Cybersecurity, DevOps Tech Titan

Sonatype continues to win accolades this year, from being named a top workplace for innovators by Fast Company and a coveted place to work, to being called an industry standout as an SD Times 100 company. Now we add four more ... Read More

What Developers Need to Know About WhatsApp’s Recent Security Dilemma

Last week, reports, like this one from Dark Reading, surfaced a remotely exploitable bug found in Facebook’s popular WhatsApp chat app, that spies on users and specifically targeted human rights groups. Facebook patched the flaw last week in the latest WhatsApp version 2.19.244 ... Read More

Sonatype Hosts Global Gatherings of DevSecOps Leaders and Innovators

The month of October is dedicated to intimate gatherings of DevSecOps professionals, thought leaders, and decision makers in cities across North America and Europe. Participants tell us that these forums and roundtables foster dynamic, collaborative conversations ... Read More
OSS for enterprises: Procure Secure Components Faster with Superior Developer Experience

It Pays to Discover Sonatype

The name of the presentation says it all: Procure Secure Components Faster with Superior Developer Experience. So announced Karthik Loganathan and Sheshagiri (Giri) Rao of Discover at the annual DevOps World | Jenkins World conference ... Read More

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

How’s that deodorant of yours working? If you wanted to hear yesterday’s presentation you had to crowd in, close -- it was standing room only. Sonatype’s Derek Weeks (@weekstweets) presented at Global AppSec DC. The conference, sponsored by the OWASP Foundation, is one of the largest gatherings in the open ... Read More

Kubernetes in 10 Seconds

Sonatype’s DJ Schleen (@djschleen) demonstrates Kubernetes in 10 seconds: ... Read More

Take This Interactive DevSecOps Reference Architecture For a Test Drive

How do you get started with DevSecOps? There is so much to consider -- people, processes, tools, and measurement. To help plan and build a DevSecOps practice we’ve offered 40 reference architecture examples. Now, we introduce an interactive tool! Use it to help you visualize and then configure exactly what ... Read More
Loading...