Elite DevSecOps teams identify and remediate OSS vulnerabilities 26x faster 


For the second year in a row, Sonatype’s open source and security research team collaborated with Gene Kim and Dr. Stephen Magill to examine how high-performance DevSecOps teams prioritize productivity and security practices to achieve better business outcomes.

The findings are clear: accelerating development improves security outcomes, high performers have happier developers, and next-generation adversary threats are shifting cybersecurity investments earlier in the SDLC. For example, you will learn:

  • Why elite DevSecOps teams are 33x more confident that they are using secure OSS components
  • Why high performers are 96% more likely to centrally scan all OSS and development artifacts
  • How next-gen OSS attacks increased 430% when adversaries changed attack strategies in a post-Equifax world

Watch this on-demand webinar discussing how elite teams are prioritizing productivity and security practices that lead to better DevSecOps outcomes.


Gene Kim, IT Revolution
Stephen Magill,
Derek Weeks,

