automated open source governance Archives

Gartner: The Crucial Role of OSS License Compliance

Katie McCaskey | December 23, 2019 | automated open source governance, Everything Open Source, Gartner, license risks, open source governance policy, Post developers/devops

Gartner’s report, Technology Insight for Software Composition Analysis, makes four recommendations to improve software security. The first is to ensure a software bill of materials (or SBOM) exists for every software application; ...

Sonatype Blog

Activate Your Shield Against Open Source Invasions

Katie McCaskey | August 9, 2019 | automated open source governance, Everything Open Source, open source management, open source risk, Product

What are infinity stones, and where are they located in the Nexus platform? ...

Sonatype Blog

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

Katie McCaskey | August 5, 2019 | 2019 State of the Software Supply Chain Report, automated open source governance, Continuous Security, DevSecOps, News and Views, Open Source Governance, Report/Survey/Whitepaper releases

What secrets did Toyota unlock decades ago that drive the success of today’s software supply chain? Sonatype’s Matt Howard explained during a chat with Dave Bittner on an episode of The CyberWire ...

Sonatype Blog