Hot Topics

Katie McCaskey
Katie McCaskey
Sonatype Blog

From Fast Company to Inc, Sonatype Continues Racking Up Notable Awards

| | awards, FEATURED, News and Views, sonatype awards, Sonatype culture/awards, Sonatypers
Being a new employee is a lot like being the new kid at school. One of the first things you suss out is the difference between expectations and reality. Sometimes the gap is pretty disappointing. Other times, there isn't a gap at all -- in fact, reality exceeds your expectations! ... Read More
Sonatype Blog

Development Velocity Is a Surprisingly Good Thing, Says Researchers

| | 2019 State of the Software Supply Chain Report, DevSecOps, open source, Open Source Governance, open source risk
... Read More
Sonatype Blog

Activate Your Shield Against Open Source Invasions

| | automated open source governance, Everything Open Source, open source management, open source risk, Product
What are infinity stones, and where are they located in the Nexus platform? ... Read More
Sonatype Blog

Continuous Authorization with DevSecOps

| | Continuous Authentication, DevSecOps, DevSecOps in Government, Post security/devsecops
Software development within the federal government often begins with an alignment to the Authorizations to Operate (ATO) and related, required security processes. Sometimes, these are an impediment to DevSecOps. So how can teams implement sound DevSecOps into an environment with strict controls and processes? ... Read More
Sonatype Blog

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

| | 2019 State of the Software Supply Chain Report, automated open source governance, Continuous Security, DevSecOps, News and Views, Open Source Governance, Report/Survey/Whitepaper releases
What secrets did Toyota unlock decades ago that drive the success of today’s software supply chain? Sonatype’s Matt Howard explained during a chat with Dave Bittner on an episode of The CyberWire Daily podcast ... Read More
Sonatype Blog

How a Surf Loving Aussie Developed Sonatype’s Most Popular Extension

| | Chrome, Community Product, Community Spotlight, Employee Spotlights, extension, FEATURED, plugin, Product
The first thing you need to know about Sonatype is this: the rumors are true ... Read More
Sonatype Blog

NIST Proposes Standards to Secure Government SDLC

| | component governance, Everything Open Source, government open source software (GOSS), Industry commentary, open source, open source goveranance, Open Source Security
Earlier this Summer, the National Institute of Standards and Technology (NIST), a part of the U.S. Chamber of Commerce, proposed a set of standards to address software supply chain attacks - and the growing need for better software security ... Read More
Sonatype Blog

Blue by Default

| | Application Security, AppSec, blue by default, Post security/devsecops, security
How do you build an organization so security is the default, not the afterthought? The rise of attacks demonstrates an ever increasing need to protect ourselves because critical, interconnected systems are controlled by software. Security must "shift left" and be embedded into the software supply chain from the start. As ... Read More
Sonatype Blog

How to Become an OSS Champion

| | DevOps culture, News and Views, open source development, open-source-software, Post developers/devops
Open source software components yield a competitive marketplace advantage. So why do some development teams resist and rebel? ... Read More
Sonatype Blog

Free Software, But No Free Lunch

| | 2019 State of the Software Supply Chain Report, devops best practices, News and Views, Post security/devsecops, security
“This is a very important issue. Enterprises are not taking necessary precautions,” our SVP of Strategy and Corporate Development, Bill Karpovich, noted when talking about Fortune 100 cybersecurity ... Read More
Sonatype Blog