Sonatype stories

Sonatype and HackerOne partner on open source vulnerability reporting
Mon, 25th Mar 2019
#
open source
#
partnerships
#
security vulnerabilities
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.

Huge vulnerabilities in software supply chain being exploited
Thu, 4th Oct 2018
#
devops
#
project management
#
cybersecurity
A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.