Personal Information
Industry
Technology / Software / Internet
Website
About
Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don't have to make the tradeoff between going fast and being secure. Policy automation, ongoing monitoring and proactive alerts makes it easy to have full visibility and control of components throughout the software supply chain so that applications start secure and remain that way over time. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Bay Partners, Hummer Winbla
Contact Details
Tags
devops
all day devops
capital one
ansible
sonatype
continuous delivery
docker
jenkins
puppet
rugged devops
chef
devsecops
owasp
open source
intuit
kms
iam
blue team
aws kms
security monitoring
multi-security checkpoints
red team
mesosphere
container orchestrator
refactor
aws lambda
rancher labs
security policy
systems hardening
infrastructure as code
immutable infrastructure
microservices
refactoring
aws
kubernetes
serverless
continuous deployment
application security
tools
culture
legacy apps
waterfall
teamcity
devops legacy apps
roles
continuous everyone
monolithic architectures
meta infrastructure as code
bamboo
enterprise transformations
marathon
fannie mae
infrastructure
software security risks
open source governance
agile
secure devops
automating security
purpose
security
open source security
sonatype nexus
containers
nexus
maven
monitoring
java
agile software development
open source development
software development
information security
component lifecycle management
component security
nexus pro
code
policy
reference architecture
jira
josh corman
devopssec
repository manager
repository management
software development risks
gene kim
appdev
oss security risks
mark miller
appsec
chris eng
component vulnerabilities
support
automated security
server
continuous pipeline
heartbleed
architecture
pipeline
data breaches
stacking
game show
matt tesauro
infosec
codes
security news
contrast
joshua corman
europe
software
clm
vulnerable components
nexus repository
sdlc
ci/cd
discovery
repository
application development
component repository
hp fortify
alerting
continuous integration
servers
sonarqube
google
pci requirements
terraform
static analysis
twistlock
devsevops
struts
gaunltl
deming
aqua
dell
rsa
software supply chain automation
clustering
find bugs
ant
owasp zap
rundeck
software supply chains
sonar
gradle
eclipse
success
policy guidelines
application
docker private registry
docker hub
risk management
supply chain
software supply chain
nexus firewall
continuous integraton
nexus lifecycle
threadfix
subversion
compliance
software testing
platform
github
nessus
owasp depedency check
jez humble
2015
checkpoint
artifact repository
artifactory
forensics
See more
- Presentations
- Documents
- Infographics