
Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Josh Corman on Keeping up with Hackers [CNBC VIDEO]

Josh Corman had a busy week at BlackHat last week. During the chaos, CNBC news caught up with him to talk about recent cyber attacks and what can be expected in the future.

Make Nexus Part of the DevOps Dozen

DevOps.com has compiled a list of what they believe to be the most well-known DevOps products on the market today. We are excited and honored to have Nexus nominated under the repository manager category. As DevOps.com put it --

Automated Nexus Reports on Licenses, Security, and More

You have been using Nexus repository managers for years, but did you know they offer a free reporting feature that details your component licenses, known security vulnerabilities, versions, age, and adoption rates?

A Newcomer’s Perspective: Software Supply Chains

My Software Supply Chain Internship

I’m a senior at the University of Maryland, majoring in Supply Chain Management and Marketing. This summer, I landed an internship at a company that has a deep pedigree in software supply chains. While “software supply chains” may be just as new a term to you as it was to me, an estimated 11 million developers rely on software supply chains, consuming billions of software component “parts” every year.

The Cost to DevOps: 27 Mufflers


Imagine that you are designing the 2016 Range Rover line of sport utility vehicles. Like all gas-powered vehicles, each one needs an exhaust muffler. Range Rover has likely narrowed in on a preferred provider of mufflers. But imagine what would happen if the designers and factory line workers could pick from any one of 27 past versions of that muffler from their preferred provider for the new model year. Yup, choose any one — even if it is outdated, lower performance, does not meet current emission standards, or has a known defect. Order it, place it on the vehicle, then ship it.

Rework is Choking Software (2015 State of the Software Supply Chain Report)

Rework is Hell

“Software may be eating the world, but rework is choking software”, tweeted John Jeremiah (@j_jeremiah). To shed more light on what is choking software, new data was released last week in the 2015 State of the Software Supply Chain Report.

Better and Fewer Suppliers (2015 Software Supply Chain Report)

That Supplier is Better For You

Since releasing the 2015 State of the Software Supply Chain Report, there has been a lot of great discussion across the industry on best practices for managing the complexity introduced by the volume and velocity of the components used across your software supply chain.