Open Source Governance - Tagged - Security Boulevard

White House Releases Executive Order on America’s Software Supply Chains

Following the end of 2020 software supply chain attacks on SolarWinds that impacted multiple government agencies and private sector companies, President Biden issued a 2021 executive order  asking for a comprehensive review ...

How to Establish an Open Source Program Office

It feels like some people don’t have a strong understanding of open source. Some misunderstandings have come from working with open source in an environment filled with proprietary software. When the words ...

Developers Gain Contextual Feedback with Automated Pull Request Commenting

At Sonatype, we work continuously to increase awareness of open source risk, and decrease the time it takes you to make your applications safe. It is our never ending quest to shift ...

Four Common Security Acronyms Explained

Editor’s Note: This is the first in a series of posts about the 2020 DevSecOps Reference Architecture developed by DJ Schleen. In this series DJ explains various parts of the pipeline architecture ...

Keep GitHub Dependencies Secure with Nexus Lifecycle’s Automated Pull Requests

As organizations seek to innovate faster and build more secure applications at scale, the one trend we are seeing is the desire to automate dependency management. In fact this trend was evident ...

Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year

If the topic is speed, the subject is Sonatype. This week, Sonatype received another recognition in the form of Deloitte’s Technology Fast 500™ ranking, our fourth year on the list. The list ...
OSS for enterprises: Procure Secure Components Faster with Superior Developer Experience

It Pays to Discover Sonatype

The name of the presentation says it all: Procure Secure Components Faster with Superior Developer Experience. So announced Karthik Loganathan and Sheshagiri (Giri) Rao of Discover at the annual DevOps World | ...

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

What secrets did Toyota unlock decades ago that drive the success of today’s software supply chain? Sonatype’s Matt Howard explained during a chat with Dave Bittner on an episode of The CyberWire ...

A World of Infinite Choice in Open Source Software

We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ...