Open Source Governance
White House Releases Executive Order on America’s Software Supply Chains
Following the end of 2020 software supply chain attacks on SolarWinds that impacted multiple government agencies and private sector companies, President Biden issued a 2021 executive order asking for a comprehensive review ...
How to Establish an Open Source Program Office
It feels like some people don’t have a strong understanding of open source. Some misunderstandings have come from working with open source in an environment filled with proprietary software. When the words ...
Developers Gain Contextual Feedback with Automated Pull Request Commenting
At Sonatype, we work continuously to increase awareness of open source risk, and decrease the time it takes you to make your applications safe. It is our never ending quest to shift ...
Four Common Security Acronyms Explained
Editor’s Note: This is the first in a series of posts about the 2020 DevSecOps Reference Architecture developed by DJ Schleen. In this series DJ explains various parts of the pipeline architecture ...
Keep GitHub Dependencies Secure with Nexus Lifecycle’s Automated Pull Requests
As organizations seek to innovate faster and build more secure applications at scale, the one trend we are seeing is the desire to automate dependency management. In fact this trend was evident ...
Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year
If the topic is speed, the subject is Sonatype. This week, Sonatype received another recognition in the form of Deloitte’s Technology Fast 500™ ranking, our fourth year on the list. The list ...
It Pays to Discover Sonatype
The name of the presentation says it all: Procure Secure Components Faster with Superior Developer Experience. So announced Karthik Loganathan and Sheshagiri (Giri) Rao of Discover at the annual DevOps World | ...
What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today
What secrets did Toyota unlock decades ago that drive the success of today’s software supply chain? Sonatype’s Matt Howard explained during a chat with Dave Bittner on an episode of The CyberWire ...
A World of Infinite Choice in Open Source Software
We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ...
