The Sonatype Lifecycle Champions Workshop introduces advanced concepts on reporting and remediation workflows.
A one-day workshop on training the champions who will train your development teams.
Schedule a champion's workshop after your policy workshop.
View remediation best practices for details.
Initial scans are noisy as you fine-tune your policies
Provide development teams time to review the initial reports
Automate notifications for newly discovered violations only
Avoid nagging on technical debt. The scan-and-scold is rarely effective
Track achievable goals to celebrate developer success
Measure against initial outcomes to keep your goals in focus
Socialize expectations and train development teams
Hands-on training is more successful than email links to a scan report.
Use common socializing tools to set expectations and provide immediate support.
Lunch and learns
Developer workshops
Slack channels
Component remediation catalog
Remediation decision trees and workflows
Use short-term waivers for issues that will take longer to complete