This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their inclusion of Apache commons-collection. If you have no idea what I’m talking about, stop now and go read this factual and un-sensationalized account of the situation. I’ll wait.
This blog was contributed by Chenxi Wang, Chief Strategy Officer at Twistlock. Earlier this week, Sonatype announced a strategic partnership with Twistlock. The relationship is incredibly important to furthering automation and security across the software supply chain as it relates to container technologies. For this reason, we invited Chenxi Wang, Chief Strategy Officer from […]
Another BIG Milestone Active Nexus repository manager instances have grown to another record high. As of today, we surpassed the milestone of 60,000 active Nexus installations! And, YOU, our user community made it happen. With Nexus at the heart of software supply chains and everything continuous, we are excited about all of the great work being done […]
We, on the Nexus team, are pleased to announce the arrival of the Nexus 3 Milestone 5 release! Our focus in this milestone release was; hosting and proxying Docker registries, browsing and searching Docker images, browsing components and assets that belong to any repository format. Docker format capabilities in Nexus 3 are brand new and we are excited to have it going out into the wild so we can hear your feedback.
People want to get going with DevOps or Continuous Delivery, but need a place to start. Others are already on their way, but need some validation of their choices. In April, I published the first volume of DevOps and Continuous Delivery reference architectures which has now been viewed over 37,000 times on SlideShare (it’s free […]
Josh Corman had a busy week at BlackHat last week. During the chaos, CNBC news caught up with him to talk about recent cyber attacks and what can be expected in the future.
DevOps.com has compiled a list of companies they believe to be the most well known DevOps products in the market today. We are excited and honored to have Nexus nominated under the repository manager category. As DevOps.com put it — “To succeed in todays speed of business, app-centric world the old ways of doing business […]
You have been using Nexus repository managers for years, but did you know they offer a free reporting feature that details your component licenses, known security vulnerabilities, versions, age, and adoption rates? Your Nexus repository manager can be the first line of defense against security vulnerabilities and the perfect platform to assess your exposure to open […]
I was astonished to see that many, if not all, of the core Supply Chain Management principles have yet to be or are just starting to be applied to the software industry.
Imagine that you are designing the 2016 Range Rover line of sport utility vehicles. Like all gas powered vehicles, each one needs an exhaust muffler. Range Rover likely has narrowed in on a preferred provider of mufflers. But imagine what would happen if the designers and factory line workers could pick from any one of 27 past versions of that muffler from their preferred provider for the new model year.