All Research Sponsored By: Sonatype

The Risks & Rewards of Generative AI in Software Development
RESEARCH CONTENT: This Sonatype report, “The Risks & Rewards of Generative AI in Software Development,” details where developers and security teams differ and agree on GenAI. Dive into the report.
Posted: 26 Mar 2024 | Published: 26 Mar 2024

TOPICS:  .NET

Evolve Faster Than the Threat
WHITE PAPER: This white paper examines cyber threats to software supply chains and open source components, noting the increased attack surface due to third-party code use. It recommends automating open source governance in the development lifecycle to mitigate risks. Read the white paper here.
Posted: 23 Mar 2024 | Published: 23 Mar 2024

TOPICS:  .NET

From Reactive to Proactive
WHITE PAPER: How can your organization’s software development practices be agile yet secure? Exploring how to approach that balancing act, this white paper highlights the importance of a proactive stance for software supply chain security. To discover how to adopt that stance, dig into the 10-page paper.
Posted: 22 Mar 2024 | Published: 22 Mar 2024

TOPICS:  .NET

Part 1 - Mastering SBOMs - Best Practices
WEBCAST: For DevSecOps processes, software bills of material (SBOMs) provide internal visibility into software to help better understand what is being used and where there could be a potential risk. In this webcast, experts from DXC, AWS, and Sonatype combine their expertise to discuss the importance of SBOMs in software development. Watch to learn more.
Posted: 21 Mar 2024 | Premiered: Mar 21, 2024

TOPICS:  .NET

Part 2 - SBOMs in Action - Demonstrations
WEBCAST: This webinar is part two of “The Power of SBOMs: Securing the software supply chain” series. This time around, the talk is focused on: case studies in regulated industries; a demo of SBOM Management; and discussion on SBOM use cases. This talk features Robert Haas, DXC Technology; Marc Luescher, AWS; and Ilkka Turunen, Sonatype. Watch the webinar.
Posted: 20 Mar 2024 | Premiered: Mar 20, 2024

TOPICS:  .NET

Debunking the Myth of Security vs. Productivity
WHITE PAPER: In this white paper, you’ll learn why the notion that security must be sacrificed for productivity is a myth and discover a solution designed to safeguard the software supply chain from open source dangers without compromising efficiency. Read on to learn how you can mitigate risks and secure your software pipeline while maintaining productivity.
Posted: 19 Mar 2024 | Published: 19 Mar 2024

TOPICS:  .NET

The Effects of AI on Developers
WHITE PAPER: AI tools will benefit developers at all levels by handling repetitive tasks, serving as references, and mentoring juniors. Learn more about how this will work in this white paper.
Posted: 16 Mar 2024 | Published: 16 Mar 2024

TOPICS:  .NET

Government Intervention, The Rise Of The SBOM And The Evolution Of Software Supply Chain Security
RESEARCH CONTENT: How are regulatory initiatives like the Biden administration’s “Securing Open Source Software Act” impacting software development and security? To find out, Censuswide surveyed 217 IT directors. Review the findings in this 9-page report by Sonatype.
Posted: 15 Mar 2024 | Published: 15 Mar 2024

TOPICS:  .NET

Our Top 5 Vulnerable Open Source Components
WHITE PAPER: Software dependencies can equal open-source vulnerabilities. To empower your developers in leveraging open-source components while mitigating risk, read this white paper. Inside, Sonatype evaluates the top 5 open-source components, their vulnerabilities, and remediation recommendations.
Posted: 14 Mar 2024 | Published: 14 Mar 2024

TOPICS:  .NET

DevSecOps: Putting the Security in DevOps
EGUIDE: Security in DevOps, aptly named DevSecOps, is something that your development organization is going to have to deal with soon. This e-guide is your primer to bringing these two departments together when they come from such different perspectives. Learn how to improve collaboration, incorporate security earlier in development, and more.
Posted: 08 May 2017 | Published: 04 May 2017


Monitoring open source software key for DevOps shops
EGUIDE: Open source software may be all the rage right now as the DevOps movement advances, but it's important to keep track of it carefully for licensing and security purposes. Continue reading this eGuide for information on how to accurately track your open source software, and the steps you should take to avoid licensing fees.
Posted: 28 Apr 2017 | Published: 28 Apr 2017