Post security/devsecops
How DevOps evolved into DevSecOps: Embracing security in software development
The journey from DevOps to DevSecOps signifies a shift towards valuing security more prominently in how you create and maintain code, highlighting its increased importance within your software development and operations ...
DevSecOps maturity model: A beginner’s guide
In recent years, DevSecOps swiftly emerged as a crucial new paradigm in software development, prioritizing the integration of security into DevOps practices ...
DevSecOps tools: A beginner’s guide
DevSecOps, a fusion of development, security, and operations, marks a paradigm shift in software development, seamlessly integrating security throughout the software development life cycle (SDLC) ...
Protecting Software Developers from Malware with AI/ML Insights
In my last post I talked about solutions to address malware and the increase in attacks. Today I’ll dig into what’s necessary to find and avoid malware ...
What do Log4Shell and a Global Pandemic Have in Common?
A big challenge of being a software professional is effectively communicating complicated concepts in a way that your audience can understand — whether it be the junior engineer on your team, a ...
The Magic Behind Over 101,000 Malicious Packages Discovered and Blocked
Nexus Firewall provides industry-leading machine learning by security experts for security experts, detecting suspicious and malicious OSS risks in real-time and at scale before the rest of the world finds out ...
Setting Boundaries: How Procurement Relates to Security (Part 1)
Companies are made up of what they build, borrow, and buy. On the software development front, Sonatype’s tools help with two major issues: what you build (software) and borrow (open source code) ...
What Constitutes a Software Supply Chain Attack?
We are just halfway through 2021, and have already seen an exceptional increase in open source malware and novel supply chain attacks. And, they seem to just keep coming. ...
How to Better Navigate the World of DevSecOps with Sonatype and Saltworks Security
Recently we partnered with Orasi Software and Saltworks Security to discuss how organizations are using open source software. Saltworks’ Founder and CEO, Dennis Hurst, and Sonatype’s Maury Cupitt, VP, Solutions Architecture, sat ...