all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
All InfoSec / Cybersecurity News

Source: blog.sonatype.com / Sonatype Blog

https://blog.sonatype.com
Follow source RSS
SAST vs. DAST: Enhancing application security 5 days, 13 hours ago | blog.sonatype.com
application applications application security challenge +10
npm packages caught exfiltrating Kubernetes config, SSH keys 1 week ago | blog.sonatype.com
campaign caught configuration devzone +16
New npm PoC packages target PayPal Zettle, Airbnb developers 2 weeks ago | blog.sonatype.com
airbnb dependencies dependency confusion developers +9
Unlocking the power of generative AI in software development: Insights from Sonatype's survey 2 weeks ago | blog.sonatype.com
artificial artificial intelligence changing cloud +24
How to navigate DevOps principles: Analyzing Shift Left and Secure Right 2 weeks, 6 days ago | blog.sonatype.com
concepts devops principles shift left +3
A guide for open source software (OSS) security 4 weeks, 1 day ago | blog.sonatype.com
critical devzone evaluation guide +17
Enhancing software supply chain security: New Sonatype product capabilities 1 month ago | blog.sonatype.com
capabilities control development devsecops +26
Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module 1 month, 3 weeks ago | blog.sonatype.com
called code connector devzone +9
Getting started with the Secure Software Development Framework (SSDF) 1 month, 4 weeks ago | blog.sonatype.com
addition application security development devops frameworks +20
How to use Repository Health Check 2.0 2 months ago | blog.sonatype.com
check health manager nexus +7
Cyber Resilience Act: The Future of Software in the European Union 2 months ago | blog.sonatype.com
act cyber cyber resilience cyber resilience act +10
How Much Should the Federal Government Worry About Log4j? 2 months, 1 week ago | blog.sonatype.com
africa apache apache log4j circle +15
How Does Securing the Software Supply Chain Fit the DoD CIO Zero Trust Architecture? 2 months, 1 week ago | blog.sonatype.com
architecture area care cio +15
“Quoi...? feur” from meme to malware – PyPI package targets Windows with ‘NullRAT’ info-stealer 2 months, 1 week ago | blog.sonatype.com
devzone info malicious malware +8
A Closer Look: Differentiating Software Vulnerabilities and Malware 2 months, 2 weeks ago | blog.sonatype.com
cybersecurity devzone digital integrity +16
npm Manifest Confusion – What Is It and Do You Really Need to Worry About … 2 months, 4 weeks ago | blog.sonatype.com
attention cli dependencies developer +14
How to Measure the Maturity of Your Software Supply Chain 3 months ago | blog.sonatype.com
application security challenges development devops frameworks +18
PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers 3 months ago | blog.sonatype.com
attackers automated blog blog post +16
Sonatype Named a Leader in The Forrester Wave™ for Software Composition Analysis 3 months, 1 week ago | blog.sonatype.com
analysis forrester forrester wave leader +4
Better Software Development: Insights from the SBOM Scorecard 3 months, 2 weeks ago | blog.sonatype.com
application security appsec data-insights development +5
How to Improve Your Software Supply Chain with a Software Security Framework 3 months, 3 weeks ago | blog.sonatype.com
attacks car components framework +14
How software composition analysis can help you go from good to great 3 months, 3 weeks ago | blog.sonatype.com
analysis devsecops great live +7
DevSecOps Leadership Forum: Revolutionizing Financial Services 3 months, 3 weeks ago | blog.sonatype.com
devsecops devsecops leadership forum financial financial services +5
Sonatype Named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing 4 months ago | blog.sonatype.com
analysis application application security application security testing +19
Sonatype Sponsoring Red Hat Summit on May 23-25 in Boston 4 months, 3 weeks ago | blog.sonatype.com
art boston conference lifecycle +18
Software Packages, Do We Even Need Them? 4 months, 3 weeks ago | blog.sonatype.com
maven package managers packages secure software supply chain +1
Wicked Good Development Episode 32: Java Queens at Devnexus 2023 4 months, 4 weeks ago | blog.sonatype.com
community development devzone java +2
Can the Open Source Community Save Europe from the Cyber Resilience Act? 4 months, 4 weeks ago | blog.sonatype.com
act community cyber cyber resilience +9
Supply Chain Security Inside and Out 5 months ago | blog.sonatype.com
open source security secure software supply chain security sonatype repository firewall +3
7 Software License Types Explained: Open Source and Closed Source 5 months ago | blog.sonatype.com
advanced legal pack explained license open source +4
Explore a Refreshed Sonatype Platform: New Features, New Product Names 5 months ago | blog.sonatype.com
featured features names new features +6
The Impact of Security Testing on an Organization 5 months ago | blog.sonatype.com
dast devzone iast impact +6
Power Up Your Dependencies: The Parallels of SBOMs and Mario Kart 5 months ago | blog.sonatype.com
dependencies featured open source parallels +4
How to Convert Your SBOM Between SPDX and CycloneDX Formats 5 months ago | blog.sonatype.com
cyclonedx devsecops devzone open source +3
Protecting Software Developers from Malware with AI/ML Insights 5 months ago | blog.sonatype.com
address attacks developers devsecops +12
Wicked Good Development Episode 31: Testcontainers With Oleg Šelajev 5 months, 2 weeks ago | blog.sonatype.com
community development devzone podcast +2
Malware Monthly - March 2023 5 months, 2 weeks ago | blog.sonatype.com
devzone featured malware malware monthly +5
Another SolarWinds? The Latest Software Supply Chain Attack on 3CX 5 months, 2 weeks ago | blog.sonatype.com
3cx appsec attack industry commentary +10
Sonatype Repository Firewall is an Easy Solution for a Big Problem 5 months, 3 weeks ago | blog.sonatype.com
big featured firewall malware prevention +8
Sonatype’s Nexus Firewall is an Easy Solution for a Big Problem 5 months, 3 weeks ago | blog.sonatype.com
big featured firewall malware prevention +8
Post-Conference Tech Spec: Why Building Your Ship (Application) with Raw Materials is a Bad Idea 5 months, 3 weeks ago | blog.sonatype.com
application bad conference devsecops +6
Visualize Your Open Source Governance With BOM Doctor 5 months, 3 weeks ago | blog.sonatype.com
bom doctor governance open source open source tools +3
Sonatype Lifecycle Enhancements Boost Speed, Security, and Productivity 5 months, 3 weeks ago | blog.sonatype.com
lifecycle lifecycle cloud nexus lifecycle nexus platform +7
Wicked Good Development Episode 30: JUG, AKA the JAVA User Group 5 months, 4 weeks ago | blog.sonatype.com
community development devzone java +3
New Design, New Features: Maven Central Improvements for Developers 5 months, 4 weeks ago | blog.sonatype.com
change dependencies design developer +20
Cyber-readiness and Changing Federal Government SBOM Requirements 5 months, 4 weeks ago | blog.sonatype.com
addition attack biden changing +30
Manage Open Source Risk With Improved Malware Detection 5 months, 4 weeks ago | blog.sonatype.com
attacks business cybersecurity cybersecurity risk +30
ChatGPT Data Leak and Redis Race Condition Vulnerability That Remains Unfixed 5 months, 4 weeks ago | blog.sonatype.com
chatgpt data data leak leak +6
Sonatype's SBOM Generation Capabilities Outpace the Competition 6 months ago | blog.sonatype.com
bom doctor capabilities competition nexus lifecycle +5
[New Live Series] Dev Chat with Dan Conn: Beware of Malware 6 months ago | blog.sonatype.com
chat dan dev devzone +7
Top 8 Malicious Attacks Recently Found On PyPI 6 months, 1 week ago | blog.sonatype.com
attacks devzone featured malicious +3
Meet Frank Tingle: Values Champion 6 months, 1 week ago | blog.sonatype.com
frank sonatype core values sonatype values champions
Wicked Good Development Episode 29: White House Unveils New National Cybersecurity Strategy 6 months, 1 week ago | blog.sonatype.com
community cybersecurity cybersecurity strategy development +10
What is Hashing? A Look at Unique Identifiers in Software 6 months, 2 weeks ago | blog.sonatype.com
hashing open source security secure software supply chain software +1
Malware Monthly - February 2023 6 months, 2 weeks ago | blog.sonatype.com
devzone february malware malware monthly +4
How Coding Changed My Life 6 months, 2 weeks ago | blog.sonatype.com
awards coding employee spotlights international women's day +2
Wicked Good Development Episode 28: Simon Brown on Visualizing Software Architecture 6 months, 3 weeks ago | blog.sonatype.com
architecture community development devzone +3
White House National Cybersecurity Strategy: Landmark Action for a Critical Threat 6 months, 3 weeks ago | blog.sonatype.com
action attacks critical cybersecurity +23
New on Sonatype Learn: Easy Source Control Management (SCM) Onboarding 6 months, 4 weeks ago | blog.sonatype.com
control elearning how tos learn +6
How Stolen Information Stealers are Fueling an Underground Market 6 months, 4 weeks ago | blog.sonatype.com
cybercrime devzone information information stealers +6

Items published with this topic over the last 90 days.

Latest

SAST vs. DAST: Enhancing application security 5 days, 13 hours ago | blog.sonatype.com
application applications application security challenge +10
npm packages caught exfiltrating Kubernetes config, SSH keys 1 week ago | blog.sonatype.com
campaign caught configuration devzone +16
New npm PoC packages target PayPal Zettle, Airbnb developers 2 weeks ago | blog.sonatype.com
airbnb dependencies dependency confusion developers +9
Unlocking the power of generative AI in software development: Insights from Sonatype's survey 2 weeks ago | blog.sonatype.com
artificial artificial intelligence changing cloud +24
How to navigate DevOps principles: Analyzing Shift Left and Secure Right 2 weeks, 6 days ago | blog.sonatype.com
concepts devops principles shift left +3
A guide for open source software (OSS) security 4 weeks, 1 day ago | blog.sonatype.com
critical devzone evaluation guide +17
Enhancing software supply chain security: New Sonatype product capabilities 1 month ago | blog.sonatype.com
capabilities control development devsecops +26
Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module 1 month, 3 weeks ago | blog.sonatype.com
called code connector devzone +9
Getting started with the Secure Software Development Framework (SSDF) 1 month, 4 weeks ago | blog.sonatype.com
addition application security development devops frameworks +20
How to use Repository Health Check 2.0 2 months ago | blog.sonatype.com
check health manager nexus +7
Cyber Resilience Act: The Future of Software in the European Union 2 months ago | blog.sonatype.com
act cyber cyber resilience cyber resilience act +10
How Much Should the Federal Government Worry About Log4j? 2 months, 1 week ago | blog.sonatype.com
africa apache apache log4j circle +15
How Does Securing the Software Supply Chain Fit the DoD CIO Zero Trust Architecture? 2 months, 1 week ago | blog.sonatype.com
architecture area care cio +15
“Quoi...? feur” from meme to malware – PyPI package targets Windows with ‘NullRAT’ info-stealer 2 months, 1 week ago | blog.sonatype.com
devzone info malicious malware +8
A Closer Look: Differentiating Software Vulnerabilities and Malware 2 months, 2 weeks ago | blog.sonatype.com
cybersecurity devzone digital integrity +16
npm Manifest Confusion – What Is It and Do You Really Need to Worry About … 2 months, 4 weeks ago | blog.sonatype.com
attention cli dependencies developer +14
How to Measure the Maturity of Your Software Supply Chain 3 months ago | blog.sonatype.com
application security challenges development devops frameworks +18
PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers 3 months ago | blog.sonatype.com
attackers automated blog blog post +16
Sonatype Named a Leader in The Forrester Wave™ for Software Composition Analysis 3 months, 1 week ago | blog.sonatype.com
analysis forrester forrester wave leader +4
Better Software Development: Insights from the SBOM Scorecard 3 months, 2 weeks ago | blog.sonatype.com
application security appsec data-insights development +5
How to Improve Your Software Supply Chain with a Software Security Framework 3 months, 3 weeks ago | blog.sonatype.com
attacks car components framework +14
How software composition analysis can help you go from good to great 3 months, 3 weeks ago | blog.sonatype.com
analysis devsecops great live +7
DevSecOps Leadership Forum: Revolutionizing Financial Services 3 months, 3 weeks ago | blog.sonatype.com
devsecops devsecops leadership forum financial financial services +5
Sonatype Named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing 4 months ago | blog.sonatype.com
analysis application application security application security testing +19
Sonatype Sponsoring Red Hat Summit on May 23-25 in Boston 4 months, 3 weeks ago | blog.sonatype.com
art boston conference lifecycle +18
Software Packages, Do We Even Need Them? 4 months, 3 weeks ago | blog.sonatype.com
maven package managers packages secure software supply chain +1
Wicked Good Development Episode 32: Java Queens at Devnexus 2023 4 months, 4 weeks ago | blog.sonatype.com
community development devzone java +2
Can the Open Source Community Save Europe from the Cyber Resilience Act? 4 months, 4 weeks ago | blog.sonatype.com
act community cyber cyber resilience +9
Supply Chain Security Inside and Out 5 months ago | blog.sonatype.com
open source security secure software supply chain security sonatype repository firewall +3
7 Software License Types Explained: Open Source and Closed Source 5 months ago | blog.sonatype.com
advanced legal pack explained license open source +4
Explore a Refreshed Sonatype Platform: New Features, New Product Names 5 months ago | blog.sonatype.com
featured features names new features +6
The Impact of Security Testing on an Organization 5 months ago | blog.sonatype.com
dast devzone iast impact +6
Power Up Your Dependencies: The Parallels of SBOMs and Mario Kart 5 months ago | blog.sonatype.com
dependencies featured open source parallels +4
How to Convert Your SBOM Between SPDX and CycloneDX Formats 5 months ago | blog.sonatype.com
cyclonedx devsecops devzone open source +3
Protecting Software Developers from Malware with AI/ML Insights 5 months ago | blog.sonatype.com
address attacks developers devsecops +12
Wicked Good Development Episode 31: Testcontainers With Oleg Šelajev 5 months, 2 weeks ago | blog.sonatype.com
community development devzone podcast +2
Malware Monthly - March 2023 5 months, 2 weeks ago | blog.sonatype.com
devzone featured malware malware monthly +5
Another SolarWinds? The Latest Software Supply Chain Attack on 3CX 5 months, 2 weeks ago | blog.sonatype.com
3cx appsec attack industry commentary +10
Sonatype Repository Firewall is an Easy Solution for a Big Problem 5 months, 3 weeks ago | blog.sonatype.com
big featured firewall malware prevention +8
Sonatype’s Nexus Firewall is an Easy Solution for a Big Problem 5 months, 3 weeks ago | blog.sonatype.com
big featured firewall malware prevention +8
Post-Conference Tech Spec: Why Building Your Ship (Application) with Raw Materials is a Bad Idea 5 months, 3 weeks ago | blog.sonatype.com
application bad conference devsecops +6
Visualize Your Open Source Governance With BOM Doctor 5 months, 3 weeks ago | blog.sonatype.com
bom doctor governance open source open source tools +3
Sonatype Lifecycle Enhancements Boost Speed, Security, and Productivity 5 months, 3 weeks ago | blog.sonatype.com
lifecycle lifecycle cloud nexus lifecycle nexus platform +7
Wicked Good Development Episode 30: JUG, AKA the JAVA User Group 5 months, 4 weeks ago | blog.sonatype.com
community development devzone java +3
New Design, New Features: Maven Central Improvements for Developers 5 months, 4 weeks ago | blog.sonatype.com
change dependencies design developer +20
Cyber-readiness and Changing Federal Government SBOM Requirements 5 months, 4 weeks ago | blog.sonatype.com
addition attack biden changing +30
Manage Open Source Risk With Improved Malware Detection 5 months, 4 weeks ago | blog.sonatype.com
attacks business cybersecurity cybersecurity risk +30
ChatGPT Data Leak and Redis Race Condition Vulnerability That Remains Unfixed 5 months, 4 weeks ago | blog.sonatype.com
chatgpt data data leak leak +6
Sonatype's SBOM Generation Capabilities Outpace the Competition 6 months ago | blog.sonatype.com
bom doctor capabilities competition nexus lifecycle +5
[New Live Series] Dev Chat with Dan Conn: Beware of Malware 6 months ago | blog.sonatype.com
chat dan dev devzone +7
Top 8 Malicious Attacks Recently Found On PyPI 6 months, 1 week ago | blog.sonatype.com
attacks devzone featured malicious +3
Meet Frank Tingle: Values Champion 6 months, 1 week ago | blog.sonatype.com
frank sonatype core values sonatype values champions
Wicked Good Development Episode 29: White House Unveils New National Cybersecurity Strategy 6 months, 1 week ago | blog.sonatype.com
community cybersecurity cybersecurity strategy development +10
What is Hashing? A Look at Unique Identifiers in Software 6 months, 2 weeks ago | blog.sonatype.com
hashing open source security secure software supply chain software +1
Malware Monthly - February 2023 6 months, 2 weeks ago | blog.sonatype.com
devzone february malware malware monthly +4
How Coding Changed My Life 6 months, 2 weeks ago | blog.sonatype.com
awards coding employee spotlights international women's day +2
Wicked Good Development Episode 28: Simon Brown on Visualizing Software Architecture 6 months, 3 weeks ago | blog.sonatype.com
architecture community development devzone +3
White House National Cybersecurity Strategy: Landmark Action for a Critical Threat 6 months, 3 weeks ago | blog.sonatype.com
action attacks critical cybersecurity +23
New on Sonatype Learn: Easy Source Control Management (SCM) Onboarding 6 months, 4 weeks ago | blog.sonatype.com
control elearning how tos learn +6
How Stolen Information Stealers are Fueling an Underground Market 6 months, 4 weeks ago | blog.sonatype.com
cybercrime devzone information information stealers +6

Top (last 7 days)

SAST vs. DAST: Enhancing application security 5 days, 13 hours ago | blog.sonatype.com
application applications application security challenge +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Business Information Security Officer

@ Metrolink | Los Angeles, CA
View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City
View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU
View on infosec-jobs.com

Elastic Consultant - EMEA

@ Elasticsearch | Germany
View on infosec-jobs.com

Software Development Engineer, Security

@ Binance | Romania, Bucharest
View on infosec-jobs.com

Digital Network Exploitation Analyst III

@ Aperio Global, LLC | Fort Meade, Maryland, United States
View on infosec-jobs.com
View more jobs