How DevOps evolved into DevSecOps: Embracing security in software development

The journey from DevOps to DevSecOps signifies a shift towards valuing security more prominently in how you create and maintain code, highlighting its increased importance within your software development and operations ...

DevSecOps maturity model: A beginner’s guide

In recent years, DevSecOps swiftly emerged as a crucial new paradigm in software development, prioritizing the integration of security into DevOps practices ...

DevSecOps tools: A beginner’s guide

DevSecOps, a fusion of development, security, and operations, marks a paradigm shift in software development, seamlessly integrating security throughout the software development life cycle (SDLC) ...

Protecting Software Developers from Malware with AI/ML Insights

In my last post I talked about solutions to address malware and the increase in attacks. Today I’ll dig into what’s necessary to find and avoid malware ...

What do Log4Shell and a Global Pandemic Have in Common?

A big challenge of being a software professional is effectively communicating complicated concepts in a way that your audience can understand — whether it be the junior engineer on your team, a ...

The Magic Behind Over 101,000 Malicious Packages Discovered and Blocked

Nexus Firewall provides industry-leading machine learning by security experts for security experts, detecting suspicious and malicious OSS risks in real-time and at scale before the rest of the world finds out ...

Setting Boundaries: How Procurement Relates to Security (Part 1)

Companies are made up of what they build, borrow, and buy. On the software development front, Sonatype’s tools help with two major issues: what you build (software) and borrow (open source code) ...

What Constitutes a Software Supply Chain Attack?

We are just halfway through 2021, and have already seen an exceptional increase in open source malware and novel supply chain attacks. And they seem to just keep coming. ...

How to Better Navigate the World of DevSecOps with Sonatype and Saltworks Security

Recently we partnered with Orasi Software and Saltworks Security to discuss how organizations are using open source software. Saltworks’ Founder and CEO, Dennis Hurst, and Sonatype’s Maury Cupitt, VP, Solutions Architecture, sat ...