
Sonatype Blog

Stay updated on the latest news from the makers of Nexus

All Day DevOps Conference: Bringing DevOps to the World

An Audacious Plan

The global audience for DevOps is expanding faster than any one person or company can keep up with. While DevOps Days and other regional events provide invaluable support to their local communities, we wanted to create a global event offering the best lineup of speakers. We also wanted to make sure that anyone, anywhere can attend, so we set a high bar for our organizing team... and they delivered: $0 registration.

Government Spotlight: DevOps Accelerates Cyber Security

A Tale of Two Quakes

In 2010, a 7.0-magnitude earthquake devastated Haiti. The quake killed an estimated 230,000 people and sparked a massive global assistance response. We all remember this tragedy. Yet, six weeks later, a far stronger earthquake (8.8 magnitude) shook Chile. That quake killed 279 people and we saw fewer news headlines and a subdued global response.

Government Asks: What’s in Your Software?

U.S. Government pays closer attention to software components

Multiple agencies across the U.S. government are paying closer attention to the software they are buying. More specifically, they want to know what open source and third-party components were used to build the software applications. The report notes:

How to Video Training: Open Source Component Management and Intelligence


As a developer I am constantly chasing new tools and enjoy learning new things. I read a lot of blog posts, tutorials and documentation. And I listen to podcasts and attend webinars as well. More and more I find that watching videos of conference and webinar presentations is great. But even better are shorter, focused videos that give you a chance to quickly learn something new.

An Insider's View: Analyzing Software Supply Chains

I recently sat down for a spell with Bruce Mayhew, Director of Research and Development at Sonatype and co-author/project lead for OWASP WebGoat, to discuss his perspectives on the data revealed in this year's 2016 State of the Software Supply Chain Report. Here, he not only speaks about why the data within the report is so incredibly compelling, but also about how his team's research has come together in a way that surprises him, and might surprise you.

The 2016 State of Software Supply Chain Report

Our State of the Software Supply Chain Report has just been released. Over the past year, we’ve amassed a great deal of data with respect to the staggering volume and variety of open source components flowing through software supply chains into development environments. This year, we assessed behaviors across 3,000 organizations and performed deep analysis on over 25,000 applications.

Nexus Repository 3.0: Most Frequently Asked Questions - Answered

Nexus Repository 3.0 has hit the streets and continues to spur insightful discussions on where we're headed with the platform. We recently held a one-hour demonstration where we had off-the-charts community engagement with interactive Q&A. If you missed the demonstration, watch the recording here.