all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How manufacturing best practices can improve open source consumption and software supply chains

Add to bookmarks
Oct. 12, 2023, 5:54 p.m. | jwayman@sonatype.com (Jeff Wayman)

Sonatype Blog blog.sonatype.com




The biggest problem facing software organizations today is an inability to track, monitor, and improve the usage of open source software. This isn’t about security alone. From DevOps to DevSecOps, there are fundamental principles that the best development teams use to guide open source software consumption. Many of these best practices come from traditional manufacturing, which is the focus of a new paper Sonatype CTO Brian Fox and I spent most of the last year researching and developing in partnership …

best practices development development teams devops devsecops facing guide isn manufacturing monitor news and views open source open-source software organizations practices principles problem security software software supply chain software supply chains supply supply chains teams thought leaders today track

Visit resource

More from blog.sonatype.com / Sonatype Blog

The impact of automating open source dependency management 4 hours ago | blog.sonatype.com
automation business consuming customer +13
Sonatype Lifecycle best practices: Getting started and managing SBOMs 1 week, 1 day ago | blog.sonatype.com
applications best practices critical dependencies +13
DevOps pioneers navigate organizational transformation 2 weeks, 1 day ago | blog.sonatype.com
depth devops devops transformation download +13
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 2 weeks, 3 days ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 3 weeks ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 4 weeks ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 1 month ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 1 month ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 1 month ago | blog.sonatype.com
apache cyclonedx devzone experience +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs