Ranger4 DevOps Blog

The Importance of Having an Open Source Policy

Posted by Helen Beal on Wed, Apr 18, 2018 @ 14:04 PM

Our wonderful friends at Sonatype just released the results of their annual DevSecOps survey. For the full results you can download the report. I wrote this article for an ebook where it's collated with a number of other articles from other practitioners - you can download the ebook here.

In 2017, 57% of all participants in the DevSecOps Community survey confirmed that, yes, they did have an open source policy. In 2018 this has risen to 64% - but 35% say they ignore it.

Breaking that down further: in 2018, 58% of those with no DevOps practices and 77% of those with mature DevOps practices reported having an open source policy. 46% of the former and 24% of the latter reported ignoring it. Effectively, that leaves just 12% of organisations with no DevOps practices actually using an open source policy, while 53% of those with mature practices are following internal regulations. Having, and using, an open source policy is therefore an indicator of mature DevOps practices.

Topics: DevSecOps Engineer, Sonatype

Sonatype Release New Capabilities That Represent the World’s First Definitive Database and Coordinate System Capable of Precisely Identifying JavaScript Components and Versions

Posted by Steve Green on Wed, Oct 19, 2016 @ 14:10 PM

Ranger4 partner, Sonatype, the leader in software supply chain automation, yesterday unveiled an updated version of the Nexus platform that provides modern development organizations with unmatched, precise intelligence about npm and JavaScript components so they can continuously deliver higher quality software through DevOps automation and scale.

Topics: DevSecOps, Security, Rugged DevOps, Sonatype