All Research Sponsored By: Sonatype
-
Sonatype Software Supply Chain Risk Management
The Sonatype platform helps organizations meet NIST SP 800-218 and CISA attestation requirements for secure software development. It provides comprehensive visibility, control, and automation to manage software supply chain risk and build secure applications. Learn more in this white paper.
-
What DORA Means for Financial Entities in the EU
In January of 2025, the EU will begin enforcing the Digital Operational Resilience Act (DORA). This guide provides a more detailed breakdown of the compliance law and provides you with the information and resources you need to prepare your organization to meet the regulations. Access now to learn more.
-
Putting NIS2 into Context
The EU's updated cybersecurity legislation, NIS2, strengthens security requirements for critical infrastructure. Learn how the Sonatype platform can help organizations address NIS2 compliance challenges and enhance software development processes. Read the 7-page white paper.
-
Meet CRA Compliance Requirements with Sonatype
The Cyber Resilience Act (CRA) was developed to improve the cybersecurity of digital products by establishing essential requirements for manufacturers to ensure their products reach the market with fewer vulnerabilities. This user’s guide aims to shed light on CRA compliance. Read on to learn more.
-
The Risks & Rewards of Generative AI in Software Development
This Sonatype report, “The Risks & Rewards of Generative AI in Software Development,” details where developers and security teams differ and agree on GenAI. Dive into the report.
-
Evolve Faster Than the Threat
This white paper examines cyber threats to software supply chains and open source components, noting the increased attack surface due to third-party code use. It recommends automating open source governance in the development lifecycle to mitigate risks. Read the white paper here.
-
From Reactive to Proactive
How can your organization’s software development practices be agile yet secure? Exploring how to approach that balancing act, this white paper highlights the importance of a proactive stance for software supply chain security. To discover how to adopt that stance, dig into the 10-page paper.
-
Part 1 - Mastering SBOMs - Best Practices
For DevSecOps processes, software bills of material (SBOMs) provide internal visibility into software to help better understand what is being used and where there could be a potential risk. In this webcast, experts from DXC, AWS, and Sonatype combine their expertise to discuss the importance of SBOMs in software development. Watch to learn more.
-
Part 2 - SBOMs in Action - Demonstrations
This webinar is part two of “The Power of SBOMs: Securing the software supply chain” series. This time around, the talk is focused on: case studies in regulated industries, a demo of SBOM Management, and a discussion on SBOM use cases. This talk features Robert Haas, DXC Technology; Marc Luescher, AWS; and Ilkka Turunen, Sonatype. Watch the webinar.
-
Debunking the Myth of Security vs. Productivity
In this white paper, you’ll learn why the notion that security must be sacrificed for productivity is a myth and discover a solution designed to safeguard the software supply chain from open source dangers without compromising efficiency. Read on to learn how you can mitigate risks and secure your software pipeline while maintaining productivity.
-
The Effects of AI on Developers
AI tools will benefit developers at all levels by handling repetitive tasks, serving as references, and mentoring juniors. Learn more about how this will work in this white paper.
-
Government Intervention, The Rise Of The SBOM And The Evolution Of Software Supply Chain Security
How are regulatory initiatives like the Biden administration’s “Securing Open Source Software Act” impacting software development and security? To find out, Censuswide surveyed 217 IT directors. Review the findings in this 9-page report by Sonatype.
-
Our Top 5 Vulnerable Open Source Components
Software dependencies can equal open-source vulnerabilities. To empower your developers in leveraging open-source components while mitigating risk, read this white paper. Inside, Sonatype evaluates the top 5 open-source components, their vulnerabilities, and remediation recommendations.