<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

2017 State of the Software Supply Chain Report

We live in an application economy where software has shifted from being a driver of nominal efficiency gains to an enabler of new customer experiences and markets.

Innovation is king, speed is critical, and open source is center stage. To compete effectively on a global playing field, companies aren’t just writing software — they’re manufacturing it as fast as they can using an infinite supply of open source component parts, machine automation, and supply chain-like processes.

Vor Security brings OSS Index to Sonatype

Our data research team is always on the lookout for ways to expand Nexus Lifecycle’s coverage with new sources and feeds of data. A little under a year ago, we stumbled across OSS Index.net.

The Difference Between DevOps and Everything Else

 

In my role I get to attend several conferences, meet with customers, give talks, and sit on a lot of panel discussions where the main topic is DevOps. I can report that while there has been a decline in folks asking, "what is DevOps," it is a question that still lingers. For many, the conversation has moved on to discussing the challenges others have encountered in their DevOps adaptations. 

Microsoft Visual Studio integration with Nexus Lifecycle

We are excited to announce the availability of the Nexus IQ Server plugin for Microsoft Visual Studio users. Developers who use Visual Studio now have access to the precise component intelligence available in Nexus Lifecycle. They can easily identify which components meet corporate guidelines and which ones do not as soon as the component is selected. Having this intelligence directly within the IDE enables developers to choose components that are free from security vulnerabilities, license risk, and meets quality standards early in the SDLC.

Walmart Integrates Nexus, OneOps, Jenkins, Kubernetes into Distribution Center Management System

Walmart Logistics is integrating Nexus, Jenkins, Kubernetes, and OneOps open source software components into its management system for 200 plus of its disribution centers in an effort to set up each center as its own cloud. The goal is for each application to function autonomously, just like the distribution centers themselves.

Automated Enforcement: The Not So Subtle Difference Between Sonatype Nexus and Everyone Else

We live in an application economy. Software has become the strategic weapon of choice for competing and winning on a global playing field.  This is a world where innovation is king, speed is critical, and open source is center stage.

Heartbleed: The Open Source Vulnerability that Keeps on Giving (and Taking)

Disclosed in April 2014, Heartbleed is the vulnerability gift that keeps on giving to some -- and taking away from others.  The latest example of this dynamic surfaced today when ICO, the UK's data regulator, levied a £100,000 fine against the Gloucester City Council for poor hygiene which resulted in the theft of employees personal information.