Sonatype Archives - Page 2 of 2

Report: Organizations embracing DevSecOps automation

The DevOps community is struggling with bringing security into the organization and across the software development life cycle (SDLC). However, new research from Sonatype reveals that while companies continue to face breaches, mature development organizations finally realize how critical it is to weave automated security early in the SDLC. Sonatype, a software automation and security … continue reading

Veracode’s State of Software Security Report, Symphony Software Foundation’s Open Developer Platform, and DevExpress open-sources TestCafe—SD Times news digest: Oct. 18, 2016

Veracode today released its findings from its annual State of Software Security Report, which revealed that the persistent use of components in software development is creating unmanaged risk. The report also found that companies can benefit if they accelerate their application security programs. Veracode found that a single popular component with a critical vulnerability spread … continue reading

The State of the Software Supply Chain report, new functional language Verve, and GE brings Predix to Azure—SD Times news digest: July 11, 2016

Open-source software is being used more than ever, yet practices for sourcing the software are inefficient and vulnerabilities are pervasive, according to a report from supply-chain automation provider Sonatype. The number of open-source component download requests increased to 31 billion in 2015 from 17 billion in 2014, according to the report, which looked at supply … continue reading

Topic: sonatype

Report: Organizations embracing DevSecOps automation

Veracode’s State of Software Security Report, Symphony Software Foundation’s Open Developer Platform, and DevExpress open-sources TestCafe—SD Times news digest: Oct. 18, 2016

Security practices take focus off programmers and onto systems

Sonatype offers insight into enterprise open-source usage

Maven Studio for Eclipse gets developers up to speed