<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

CLM Customer Impressions

We thought it would be interesting to share some of the feedback that we are getting from early CLM customers.

Announcing Sonatype CLM (Component Lifecycle Management)

We're pleased to announce Sonatype CLM (Component Lifecycle Management). Although this is the official release date, we've been building off a number of mature technologies and we already have customers in production.

Only 1 Day Left! Webinar: Security At The Speed Of Development featuring Wendy Nather, 451 Research & Ryan Berg, Sonatype

We have a problem. Application development has become agile, component-based, and open source dependent. But security approaches haven't kept up. Every day we're forced to make the dangerous choice between speed and security, putting Development and Security at odds. There has to be a better way.

Join Wendy Nather, Research Director, Security, at 451 Research tomorrow, Tuesday, April 30 from 11:00AM-11:45AM EDT (GMT-0400) to understand:

  • The changes in application development that have left security behind.
  • Limitations of existing security approaches that could leave your organization exposed.
  • The new requirements that are driving security to align with application development.

In addition, Sonatype CSO Ryan Berg will provide a brief overview of Sonatype CLM, a new application security platform designed specifically for today's applications and for managing the modern software supply chain.

Reserve Your Seat

If you register, you'll also receive access to the recording after the event. So if something comes up and you can't make it, you won't miss out.

Exploit for recently patched Java flaw added to CrimeBoss exploit kit

The popular CrimeBoss exploit kit was updated to include a Java exploit that was recently patched to allow the exploit kit to target unpatched systems.

Join Us: Nexus Office Hours --- This Friday!

Wondering what's new in Nexus? Just ask the experts.

We're hosting another Nexus Office Hours this Friday, on Google+ Hangout On Air. Our Nexus experts Brian Fox, Manfred Moser and Rich Seddon will demo the latest in Nexus and dedicate most of the hour to Q&A time with you!

When Nexus Alone Is Not Enough - Webinar Recording Now Available!

A big thanks goes out to everyone who was able to make it to our webinar yesterday. We appreciated all of your time, attention and great questions. If you weren't able to make it, no worries --- the recording is now available here.

Going to InfoSecurity Europe next week? We'll see you there!

 

New Webinar: Security at the Speed of Development with Wendy Nather, 451 Research

Tuesday, April 30, 2013 - 11:00AM-11:45AM EDT (GMT-0400)

We have a problem. Application development has become agile, component-based, and open-source-dependent. We're delivering more software faster than ever before, but security approaches haven't kept up. Every day we're forced to make the dangerous choice between speed and security, putting Development and Security at odds. There has to be a better way.

Sonatype Will Be At SANS AppSec Summit 2013 - Will You?

Sonatype is a proud sponsor of SANS AppSec Summit 2013 and we can't wait! It's just around the corner, being held from Monday, April 22-Saturday, April 27 in Austin, TX. Be sure to swing by our tabletop on Tuesday, April 23 or Wednesday, April 24 and we'll be on-hand to help answer your questions. We’ll also be demoing CLM and would love to get your feedback.

Underground software suffers from copy and paste

Buggy DIY botnet tool leaks in black market. A new botnet generation tool being sold for $10,000 was observed by a researcher on underground markets. However, the tool was considered buggy by users discussing it since it uses copied source code from other tools.

Here phishy phishy, 8 in 10 companies suffered web-borne attacks.

A survey conducted by Webroot found that 80 percent of companies experienced at least one variety of Web-borne attacks in 2012, and that phishing was the most common attack, among other findings.