Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

The Results

Integrate Automated Security

More likely to integrate automated security when DevOps practices are mature

Increase in breaches

Increase in breaches related to open source components

Higher Cyber Readiness

Higher cyber readiness profiles for mature DevOps practices

Are your software applications secure?

What the Experts are Saying

Helen Beal

“The appeal of using one technology that’s free rather than buying a licensed, chargeable piece of software is apparent. But so are the risks. It is concerning that some developers are simply ignoring the policies crafted and communicated for their organisations, likely for the sake of speed and costs.”

Helen Beal, DevOpsologist | Ranger4 | United Kingdom

Joost van der Griendt

“Just like testing and refactoring have been recognized everyday, isolated steps in the development cycle, so too should security.”

Joost van der Griendt, ABN AMRO | The Netherlands

Pauly Comtois

"Making security a natural part of the SDLC will make it more resilient and valuable. It should be 'something we do' rather than 'something we are told to do'."

Pauly Comtois, Hearst Business Media | United States

Barry O'Connell

"Who can sleep if they are worried that their code is insecure?"

Barry O’Connell, Deutsche Bank | United Kingdom

Skjalg Teig

"Security feels too widely regarded as a hurdle, to be overcome once, when it should be a fluent part of everyday development."

Skjalg Teig, Capra Consulting | Norway

Liz Keogh

"Involving external groups to perform security tests (e.g., pen testing) is expensive and doesn’t scale when we’re releasing frequently. We need to build security in, the same way that we build quality in."

Liz Keogh, Lunivore Limited | United Kingdom

How Others Run DevSecOps