Sonatype Press Release

Event: OWASP Atlanta Meetup - Hidden Risks of Component Based Development

Date: May 22, 2014
Time: 6:00 PM EDT
Location: Atlanta, GA

Join Ryan Berg as he shares real world data on component risks, outlines the scope of the problem, and proposes approaches for managing these risks. You'll learn how security professionals can work cooperatively with application developers to reduce risk AND boost developer efficiency.

Sonatype Press Release

Event: FS-ISAC Spring Summit 2014

Date: May 4-7, 2014
Location: Amelia Island, FL

In December of 2013, the FS-ISAC Third Party Software Security Working Group released new controls to manage risk associated with open source libraries and components.

These controls recommend financial institutions apply policy management and enforcement as well as inventory management for open source libraries and components used in their application portfolio. To learn more about best practices for managing risk from 3rd party software and open source components, stop by our booth.

Sonatype Webinar

Webinar: Lessons Learned from Heartbleed, Struts and the Neglected 90%

Date: May 1st, 2014
Time: 9 AM PDT
Location: Online

The pressures of modern application development require us to build high quality software in short order. Because of this, we’ve seen a dramatic shift from source code to component-based development, where now 90% of the typical application is assembled using open source and third party components. Unfortunately, our dependence on components is growing faster than our ability to secure them.

Sonatype Press Release

Event: Breakfast Briefing & Hartford User Group

Date: April 30, 2014
Time: 8:30 AM - Noon Breakfast Briefing, Noon - 1 PM User Group Lunch
Location: Marquee Events, Hartford, CT

Are your security and risk management practices prepared to scale with your development practices?

With the move towards agile development and continuous delivery – comes a dramatic increase in the use of third party and open source components to fuel innovation and speed development. In fact, Gartner predicts that by 2015 ninety-nine percent of mission critical applications in global 2000 companies will use open source components.

Sonatype Press Release

Infosec Europe

Sonatype is leading the component revolution. The company’s innovative Component Lifecycle Management products enable organizations to realize the promise of agile, component-based software development while avoiding security, quality and licensing risks. Visit Sonatype at booth L73 to learn more about how we help organizations build trusted software and it keep it trusted over time. more
Sonatype Press Release

Great Wide Open

Sonatype’s CSO, Ryan Berg will be presenting at the Great Wide Open event on Thursday, April 3rd at 2:30 – 3:15. more
Sonatype Press Release

AFCEA Homeland Security Conference

Sonatype is a committed partner and contributing member to the software assurance framework where we are providing our technology to help ensure practitioners and managers are building and delivering high quality software free of defects and flaws. more
Sonatype Press Release

RSA 2014, Exhibitor

Date: February 24-28, 2014

What are you doing about the new OWASP risk, A9 – using components with known vulnerabilities? Visit Sonatype in the South Expo Hall at booth #2327 to learn how to reduce your component risk.

Sonatype Press Release

DevNexus, Silver Sponsor

Date: February 24 – 25

Sonatype is a silver sponsor in Atlanta’s most exciting conference for professional software developers. Join us to discover how the industry’s best minds use the latest technologies to build solutions to business problems. Network with other Atlanta software developers, and study real life case studies in application design and development. We hope to see you there.

Sonatype Press Release


Date: Friday, December 6, 2013 9:30AM-6:00PM EST (GMT-0500)
Location: Sterling, VA

Sonatype Press Release

AppSec USA

Date: November 18-21, 2013
Location: New York City, New York more


Codie INC 500 Red Herring SD Times NVTC RSA Gartner