Resources

Events & Webinars

Jenkins logo

Jenkins User Conference Santa Clara

Date: September 2-3, 2015
Location: Santa Clara Convention Center

The world’s biggest conference for Jenkins users, by Jenkins users. Come learn how to optimize Jenkins across the software delivery process! Sonatype is proud to be a platinum sponsor for the event.

more
FBC logo

NSA Information Assurance Symposium

Date: June 29- July 1, 2015
Location: Walter E. Washington Convention Center Ballroom - Washington, D.C.

The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred Information Assurance event of the year. Leaders and practitioners will deliver vital and relevant answers, direction, and best practice advice for carrying out the Information Assurance mission. The IAS brings, policy, governance, technology, hands-on training and networking opportunities to attendees from across government, industry, and academia.

more
Jenkins logo

Jenkins User Conference London

Date: June 23-24, 2015
Location: Hilton Metropole

The world’s biggest conference for Jenkins users, by Jenkins users. Come learn how to optimize Jenkins across the software delivery process! Sonatype is proud to be a platinum sponsor for the event.

more
Jenkins logo

Jenkins User Conference DC

Date: June 18-19, 2015
Location: Hilton Alexandra Mark Center

The world’s biggest conference for Jenkins users, by Jenkins users. Come learn how to optimize Jenkins across the software delivery process! Sonatype is proud to be a platinum sponsor for the event.

more
Devoxx logo

Devoxx

Date: June 17-19, 2015
Location: Business Design Center London

Devoxx UK is a conference focused on Java, web, mobile and JVM languages, and is run by top developer talent, community groups and expert event specialists. It takes place at the Business Design Centre, London, 17th – 19th June, 2015. Sonatype is proud to be a bronze sponsor for the event.

more
DevOps DC logo

DevOps Days DC

Date: June 11-12, 2015
Location: US Patent & Trademark Office - Alexandria, VA

DevOpsDays is coming to Washington, DC! Whether you're in government, academia, or the private sector, DevOpsDays is for you. Whether you're in operations, development, QA, security, or any other department, DevOpsDays is for you. Whether you want to learn about DevOps, share your experiences, or just talk shop with DevOps practitioners, DevOpsDays is for you. Sonatype is proud to be a gold sponsor for this event.

more
Qcon logo

QCon New York

Date: June 10-12, 2015
Location: New York Marriott at the Brooklyn Bridge

QCon empowers software development by facilitating the spread of knowledge and innovation in the developer community. A practitioner-driven conference, QCon is designed for technical team leads, architects, engineering directors, and project managers who influence innovation in their teams.

more
InfoSec logo

InfoSecurity EU

Date: June 2-4, 2015
Location: London, UK

Infosecurity Europe is Europe's number one information security event. Featuring over 345 exhibiting vendors and services suppliers with the most diverse range of new products and services, an unrivalled education program and over 15,000 industry professionals travelling from over 70 countries, it is the most important date in the calendar for Information Security professionals across Europe. Visit Sonatype at booth G172.

more

Nexus Live: October 9, 2014 1:00pm EDT, TheNEXUS Community Sneak Peak

On-Demand Recording: Streamed October 9, 2014

During the October 2014 broadcast of Nexus Live we were able to catch up with Gene Kim and Josh Corman to find out what’s in store for the DevOps Enterprise Summit in the Bay Area at the end of the month. We also took a quick look at TheNEXUS, the new community site for Nexus, Nexus Pro and CLM. Take a look.

more
Sonatype Webinar

Webinar: See the Sonatype Product Roadmap Revealed

Original Broadcast Date: September 25, 2014

For years, development teams and now security professionals have looked to Sonatype for better management of open source and third party components across the software supply chain. Watch our live product roadmap discussion to learn more about our commitment to helping you achieve real business value from your enterprise applications more quickly - with efficiency, quality and security addressed across the software lifecycle. See how with new product advancements for more component languages, a consolidated risk management dashboard and expanded integration points across the SDLC can bring your organization enterprise-class component management to your development operations.

more
Sonatype Webinar

ISSA Webinar: What's in your Software? Identifying Open Source Vulnerabilities

Date: September 23, 2014
Time: 12:00pm EDT

New software enters our security ecosystems daily. When we evaluate the software we look for vulnerabilities in the product. Of course we run functional tests, or break out our favorite scanner, to see if there is embedded malware or dangerous deployment requirements, or even bugs in the program. When done, it gets deployed. What happens after deployment is important, but also gets missed. Of course we will catch new vulnerabilities that are directly related to the product, but what about vulnerabilities in the third party components included in the product? Recently this point was driven home by the numerous vulnerabilities in OpenSSL. Most people usually hear about it when it comes as an update from the vendor. What can you do about it? This panel will leverage the insight from seasoned industry leaders as we hear their thoughts.

more
Sonatype Webinar

Webinar: Open Source Development and Application Security Survey: The Results are In!

Over 3,300 participated! The final results of our 4th Annual Open Source and Application Security Survey are in. Adrian Lane from Securosis and Brian Fox from Sonatype provide a detailed breakdown of the findings from a developer and an application security perspective. They discuss policies, practices, and breaches as well as how organizations can use these results to create constructive conversations to feed their open source security management practices.

more

RSA Webinar: Software Liability?: The Worst Possible Idea (Except for all Others)

On-Demand Recording: Streamed Thursday, May 29, 2014

While many had hoped that market competition would influence security improvements, customers are forced to accept software as is with no alternatives. Software is responsible for our critical infrastructure, cars, medical devices and is a part of our daily lives including our well-being. Will we be able to achieve better software security without vendors facing financial consequences?

more
Sonatype Webinar

Webinar: Lessons Learned from Heartbleed, Struts and the Neglected 90%

On-Demand Recording: Streamed May 1st, 2014

Watch this insightful and witty discussion between two old pals, Wendy Nather, Security Research Director at 451 Research and Josh Corman, CTO at Sonatype on the state of application security today. They share their perspectives on the changing landscape of application development and how this is impacting common application security approaches. They agree the dramatic shift from source code to component based development has created an open source security gap. With component vulnerabilities becoming national news, Heartbleed, Struts and the promise of more to come, now is the time to address this growing security gap.

more
Sonatype Press Release

Webinar: FS-ISAC Best Practices for Managing Risk from Open Source Libraries & Components

On-Demand Recording

In December of 2013, the FS-ISAC Third Party Software Security Working Group released new controls to manage risk associated with open source libraries and components. These controls recommend financial institutions apply policy management and enforcement as well as inventory management for open source libraries and components used in their application portfolio. Webinar features Jim Routh, Aetna's Chief Security Officer and Joshua Corman, Sonatype's Chief Technology Officer.

more

Nexus Live: December 2013 with Tyler Jewell, CEO of Codenvy

On-Demand Recording: Streamed December 19, 2013

Watch our December Nexus Live event featuring Tyler Jewell, CEO of Codenvy. Codenvy runs a cloud based development and deployment environment in a true devops fashion. Tyler shares how Codenvy uses Nexus as part of their build pipeline.

more

Nexus Live: November 2013 with Kyle Allan from Riot

On-Demand Recording: Streamed November 21, 2013

We continued our DevOps focus for the month of November and were joined by Kyle Allan from Riot Games. Kyle shared how Riot Games uses Chef to install Nexus. He also shared how they are using the Nexus REST API in the command line interface and a Nexus cookbook he has open sourced. Watch the recording to learn how to extend the value of Nexus into your deployment environment.

more

Nexus Live: October 2013 featuring Puppet

On-Demand Recording: Streamed October 23, 2013

Learn how Hubspot.com developed a system using Puppet that provisions Nexus instances into a deployment platform in a DevOps manner.

more

Nexus Live: September 2013 featuring the Nexus user survey

On-Demand Recording: Streamed September 11, 2013

Watch our live panel discussions with Nexus experts where they highlight survey results from our most advanced Nexus users. Learn what development tools work with Nexus, what features users value most and see how over half of users survey are interested in extending component management beyond their repository manager.

more

Nexus Live: July 2013 profiling Nexus with JMX

On-Demand Recording: Streamed on July 17, 2013

Watch our July session to learn how to profile your Nexus installation with JMX and hear from the Maven creator, Jason van Zyl on the highlights of the newest Maven 3.1.0 release.

more

Awards

Codie INC 500 Red Herring SD Times NVTC RSA Gartner