Resources Blog Helping Developers Reduce Open Source Risk Helping Developers Reduce Open Source Risk


Last week, shared a story of an inflection point in application security. Lucian Constantin discussed how there needs to be a shift from manual open source risk analysis to more automated approaches. His article stated, “The notion of using manual audits, manual approvals and traditional governance to deal with that level of [open source component] consumption is just impossible.” Lucian also described how Sonatype’s new release of CLM helps companies automate open source risk analysis, governance, and reporting.

You can read the full article on here.



Picture of Derek Weeks

Written by Derek Weeks

Derek serves as vice president and DevOps advocate at Sonatype and is the co-founder of All Day DevOps -- an online community of 65,000 IT professionals.