Lesson Tag: Lesson 2

Developers – The Strongest Link

Developers have become the strongest link in the software supply chain because developers are at the center of everything. Developers have all the demands. Everybody else understands and knows the rules. At the end of the day, developers are the ones that get caught up if we shipped something that wasn’t supposed to be shipped …


Early Visibility

Remember that release where you had to get a patch out, and you discovered that there was an issue? And how this totally interrupted your workflow while you were trying to get that patch out the door? This puts you in a position of being reactive. You’re going to look at it and ask yourself, can we get this …


Acknowledging Your Existing Risk

Imagine you’ve got a project, a legacy system that is of moderate complexity, or maybe you’re new to this sort of application scanning. You turn it on for the first time, and you’re inundated with data that you were unaware of before. This leads us to two specific questions. What is a good approach to …


Additional Tooling

Sonatype provides many ways that you can add component intelligence to your development workflow that help you identify and select component information, recommended versions, and even migrate and remediate fixes, all in the environment you are already using. Below we have several use case scenarios for different plug-ins and when they will be helpful to …


IDE Plugins

Getting Started: In this section, we’ll discuss the differences and review which IDEs are supported by Sonatype and what is available even if you don’t have an IQ Server license. Objectives: By the end of this lesson, you will be able to: List the IDEs that require an IQ Server license. Identify which IDE works best for …


Lesson 2 Demo and Test Course – Private

Objectives By the end of this lesson, you will be able to: Objective Statement One Objective Statement Two Objective Statement Three <Heading Title> Content for heading ^^^ <Heading Title> Content for heading ^^^ Add and remove as needed Review this video to…

How Are Your Open Source Software Components Being Managed (Or Not)?

According to the 2019 DevSecOps Community Survey, nearly 40% of software development organizations with 100 developers or fewer believe their current infosec teams/processes are slowing them down; nearly 53% of software development organizations with more than 5000 developers believe their current infosec teams/processes are slowing them down. When integral security processes are at odds with …


Maven Hosted Repositories

In the previous section, you learned how to set up a proxy repository to Maven Central and use that to cache components from the public repo. This is hugely beneficial and saves time, but what do you do with internal components that aren’t downloaded from a public repository, but are used by various development teams …


Components and Formats

Objectives: By the end of this lesson, you will be able to: Describe what components are in Nexus Repository Manager. Explain how Nexus Repository manages components. Describe what formats are and which are supported in Nexus Repository Manager. Determine how Nexus Repository Manager will work with components and formats in your environment. What are Components: In Nexus …

