Sonatype Software Supply Chain Risk Management
WHITE PAPER:
The Sonatype platform helps organizations meet NIST SP 800-218 and CISA attestation requirements for secure software development. It provides comprehensive visibility, control, and automation to manage software supply chain risk and build secure applications. Learn more in this white paper.
Posted: 23 Oct 2024 | Published: 24 Oct 2024
What DORA Means for Financial Entities in the EU
WHITE PAPER:
In January of 2025, the EU will begin enforcing the Digital Operational Resilience Act (DORA). This guide provides a more detailed breakdown of the compliance law and provides you with the information and resources you need to prepare your organization to meet the regulations. Access now to learn more.
Posted: 25 Jun 2024 | Published: 25 Jun 2024
Putting NIS2 into Context
WHITE PAPER:
The EU's updated cybersecurity legislation, NIS2, strengthens security requirements for critical infrastructure. Learn how the Sonatype platform can help organizations address NIS2 compliance challenges and enhance software development processes. Read the 7-page white paper.
Posted: 21 Jun 2024 | Published: 22 Jun 2024
Meet CRA Compliance Requirements with Sonatype
WHITE PAPER:
The Cyber Resilience Act (CRA) was developed to improve the cybersecurity of digital products by establishing essential requirements for manufacturers to ensure their products reach the market with fewer vulnerabilities. This user’s guide aims to shed light on CRA compliance. Read on to learn more.
Posted: 21 Jun 2024 | Published: 21 Jun 2024
The Risks & Rewards of Generative AI in Software Development
RESEARCH CONTENT:
This Sonatype report, “The Risks & Rewards of Generative AI in Software Development,” details where developers and security teams differ and agree on GenAI. Dive into the report.
Posted: 26 Mar 2024 | Published: 26 Mar 2024
Evolve Faster Than the Threat
WHITE PAPER:
This white paper examines cyber threats to software supply chains and open source components, noting the increased attack surface due to third-party code use. It recommends automating open source governance in the development lifecycle to mitigate risks. Read the white paper here.
Posted: 23 Mar 2024 | Published: 23 Mar 2024
From Reactive to Proactive
WHITE PAPER:
How can your organization’s software development practices be agile yet secure? Exploring how to approach that balancing act, this white paper highlights the importance of a proactive stance for software supply chain security. To discover how to adopt that stance, dig into the 10-page paper.
Posted: 22 Mar 2024 | Published: 22 Mar 2024
Part 1 - Mastering SBOMs - Best Practices
WEBCAST:
For DevSecOps processes, software bills of material (SBOMs) provide internal visibility into software to help better understand what is being used and where there could be a potential risk. In this webcast, experts from DXC, AWS, and Sonatype combine their expertise to discuss the importance of SBOMs in software development. Watch to learn more.
Posted: 21 Mar 2024 | Premiered: Mar 21, 2024
Part 2 - SBOMs in Action - Demonstrations
WEBCAST:
This webinar is part two of “The Power of SBOMs: Securing the software supply chain” series. This time around, the talk is focused on: case studies in regulated industries, a demo of SBOM Management, and discussion on SBOM use cases. This talk features Robert Haas, DXC Technology; Marc Luescher, AWS; and Ilkka Turunen, Sonatype. Watch the webinar.
Posted: 20 Mar 2024 | Premiered: Mar 20, 2024
Debunking the Myth of Security vs. Productivity
WHITE PAPER:
In this white paper, you’ll learn why the notion that security must be sacrificed for productivity is a myth and discover a solution designed to safeguard the software supply chain from open source dangers without compromising efficiency. Read on to learn how you can mitigate risks and secure your software pipeline while maintaining productivity.
Posted: 19 Mar 2024 | Published: 19 Mar 2024
The Effects of AI on Developers
WHITE PAPER:
AI tools will benefit developers at all levels by handling repetitive tasks, serving as references, and mentoring juniors. Learn more about how this will work in this white paper.
Posted: 16 Mar 2024 | Published: 16 Mar 2024
Government Intervention, The Rise Of The SBOM And The Evolution Of Software Supply Chain Security
RESEARCH CONTENT:
How are regulatory initiatives like the Biden administration’s “Securing Open Source Software Act” impacting software development and security? To find out, Censuswide surveyed 217 IT directors. Review the findings in this 9-page report by Sonatype.
Posted: 15 Mar 2024 | Published: 15 Mar 2024
Our Top 5 Vulnerable Open Source Components
WHITE PAPER:
Software dependencies can equal open-source vulnerabilities. To empower your developers in leveraging open-source components while mitigating risk, read this white paper. Inside, Sonatype evaluates the top 5 open-source components, their vulnerabilities, and remediation recommendations.
Posted: 14 Mar 2024 | Published: 14 Mar 2024