State of the Software Supply Chain

When AI Writes Code, Who Governs the Dependencies?

When AI Writes Code, Who Governs the Dependencies?

| | AI, Artificial Intelligence, dependencies, Federal, government, SBOM Manager, Sonatype Lifecycle, Sonatype Repository Firewall, State of the Software Supply Chain
The Department of War'sCall for Solutions on AI-enabled coding capabilities (CDAO_26-01) arrives at exactly the right moment. Today's AI coding assistants have moved beyond experiments in productivity to becoming the basis for ...
2024 Sonatype Blog

Autonomous Development and AI: Speed vs. Security

| | AI, Artificial Intelligence, automated workflow, Automation, Events and Webinars, secure software supply chain, State of the Software Supply Chain
AI-assisted development is changing how software gets built. What began as a productivity boost is quickly becoming something bigger ...
2024 Sonatype Blog
Grounded Intelligence Is Key to Safe AI Software Development at Scale

Grounded Intelligence Is Key to Safe AI Software Development at Scale

| | AI, Artificial Intelligence, dependencies, scale, Software Development, Sonatype Research, State of the Software Supply Chain
One experience has become nearly universal as AI systems move deeper into software development, their confidence when they're wrong ...
2024 Sonatype Blog
branded electric blue quote glyph

What the 2026 State of the Software Supply Chain Report Reveals About Regulation

| | Compliance, Events and Webinars, Liability Regulation, open source, software infrastructure, software supply chain, State of the Software Supply Chain
...
2024 Sonatype Blog
Trust At Scale: The Commons, Threats, and AI in the Loop | Sonatype

Trust At Scale: The Commons, Threats, and AI in the Loop | Sonatype

| | Malware, open-source-software, software supply chain, State of the Software Supply Chain
Dependency management used to be a private embarrassment: an Ant script, a /lib folder, and classpath roulette. You could ship anyway, and the consequences mostly stayed inside your org.  ...
2024 Sonatype Blog

5 reasons to not miss Sonatype at RSAC 2025

| | Conferences, RSA Conference, Sonatype Platform, State of the Software Supply Chain
RSA Conference (RSAC) brings together cybersecurity practitioners from across the globe to learn about the latest cybersecurity defense strategies and tools, connect with industry peers, and share knowledge about the threat landscape ...
2024 Sonatype Blog
Protecting the software supply chain: Insights from our expert panel

Protecting the software supply chain: Insights from our expert panel

| | Events and Webinars, Sonatype webinars, State of the Software Supply Chain
As software grows increasingly complex, ensuring the security of your software supply chain remains a critical priority ...
2024 Sonatype Blog
Wrapping up a decade of insights from the State of the Software Supply Chain

Wrapping up a decade of insights from the State of the Software Supply Chain

| | open source, secure software supply chain, software supply chain, State of the Software Supply Chain
Sonatype's 10th annual State of the Software Supply Chain report marks a transformative decade for open source software ...
2024 Sonatype Blog
From risks to resilience: Best practices for software supply chain security

From risks to resilience: Best practices for software supply chain security

| | Best Practices, News and Views, secure software supply chain, software supply chain, State of the Software Supply Chain
As software supply chains evolve in complexity, managing security risks has become an ever-changing challenge. New threats emerge daily, driven by rapid innovation and the heavy reliance on open source components ...
2024 Sonatype Blog

Optimizing efficiency and reducing waste in open source software management

| | News and Views, open source, software supply chain, State of the Software Supply Chain
As the use of open source software (OSS) continues to grow, so do the challenges around maintaining security and efficiency in software dependency management ...
2024 Sonatype Blog
Load more