<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Internet of Things Cybersecurity Improvement Act of 2017

The United States Senate is making moves to protect consumer interests, data, and privacy with regard to the Internet of Things (IoT).  Today, U.S. Senator’s Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-WA) and Steve Daines (R-MT) introduced bipartisan legislation called the Internet of Things Cybersecurity Improvement Act of 2017.

The Curious Case of a German Smartphone: Why Software Supply Hygiene Matters

A consumer advocacy group in Germany has filed a law suit against a retailer in Cologne that sold an inexpensive smartphone made by Mobistel.

2017 State of the Software Supply Chain Report

We live in an application economy where software has shifted from being a driver of nominal efficiency gains to an enabler of new customer experiences and markets.

Innovation is king, speed is critical, and open source is center stage. To compete effectively on a global playing field, companies aren’t just writing software — they’re manufacturing it as fast as they can using an infinite supply of open source component parts, machine automation, and supply chain-like processes.

Vor Security brings OSS Index to Sonatype

Our data research team is always on the lookout for ways to expand Nexus Lifecycle’s coverage with new sources and feeds of data. A little under a year ago, we stumbled across OSS Index.net.

The Difference Between DevOps and Everything Else

 

In my role I get to attend several conferences, meet with customers, give talks, and sit on a lot of panel discussions where the main topic is DevOps. I can report that while there has been a decline in folks asking, "what is DevOps," it is a question that still lingers. For many, the conversation has moved on to discussing the challenges others have encountered in their DevOps adaptations. 

Microsoft Visual Studio integration with Nexus Lifecycle

We are excited to announce the availability of the Nexus IQ Server plugin for Microsoft Visual Studio users. Developers who use Visual Studio now have access to the precise component intelligence available in Nexus Lifecycle. They can easily identify which components meet corporate guidelines and which ones do not as soon as the component is selected. Having this intelligence directly within the IDE enables developers to choose components that are free from security vulnerabilities, license risk, and meets quality standards early in the SDLC.

Walmart Integrates Nexus, OneOps, Jenkins, Kubernetes into Distribution Center Management System

Walmart Logistics is integrating Nexus, Jenkins, Kubernetes, and OneOps open source software components into its management system for 200 plus of its disribution centers in an effort to set up each center as its own cloud. The goal is for each application to function autonomously, just like the distribution centers themselves.