Tag Archives: Insight

Use Maven to Find Security Vulnerabilities and Viral Licenses in Applications


October 10, 2012 By Bentmann Benjamin

A few months ago, we launched Insight Application Health Check. Today, I’d like to announce another way to get started tracking licensing and security issues. In this post, I’m going to show you how to scan your project with nothing more than Maven and an existing project. You can get started with Insight without having […]


Dogfooding Sonatype Insight: We found Vulnerabilities in Nexus


August 13, 2012 By Tim O'Brien

“Dogfooding” is such a strange word, and I’m using it as a substitute for “Eating your own dog food”. As we do have a global audience, I worry that the term is somewhat provincial (and maybe a bit strange out of context). So here’s the explanation of this idiom on Wikipedia. Sonatype is “recursive”. […]


Why Insight App Health Check is so Important: Java Flaws Increasingly Targeted By Attackers


July 25, 2012 By The Vigilant Application Owner

Check out this news story that broke earlier in the week: Java flaws are “increasingly targeted by attackers”. This story was filed by IDG News Service from the Black Hat USA 2012 conference, and it points at a trend we’ve also noticed. The world is waking up to the fact that Java is an attractive […]


Component Lifecycle Management with your Apache Maven Infrastructure


July 5, 2012 By Jason van Zyl

The way software is being developed has changed over the last ten years: it has shifted from companies developing the vast majority of their own software to a software development approach that depends on open source components that are freely available. Today, the vast majority (upwards of 90%) of Java-based applications are assembled from components. […]


The Time to Pay Attention to Application Security is Now


June 12, 2012 By Tim O'Brien

When we announced Insight for CI a few weeks ago, our message was simple: “Get Proactive about Security with Insight”. A few months ago, when we introduced the Repository Health Check in Nexus Professional, we had a similar message about licensing, “Lead or Be Led to OSS Compliance”. For months we’ve been making the case […]


Get proactive about Security with Insight


May 25, 2012 By Tim O'Brien

There’s a shift in the way organizations are thinking about security, and this article in InfoWorld, “IBM: Security execs move more toward active risk management”, is exactly what we’ve been talking about. Here’s the quote that stood out: “Nearly two-thirds of security leaders say their senior executives are paying more attention to security today than […]


Insight for CI Demo: Additional Session Added


May 18, 2012 By Emily Blades

Due to high demand, we have added a second webinar presentation next Wednesday at 2PM EDT (GMT-0400) to accommodate multiple time zones. Here are the details for the presentation: Join Brian Fox this Wednesday, May 23 at 11AM EDT or 2PM EDT (GMT-0400) for a 30 minute tour of Insight for CI. In this demo, […]


Last Chance! Webinar: Manage Your Components at Build Time in Hudson & Jenkins


May 2, 2012 By Emily Blades

Know What’s In Your Builds? Join Brian Fox tomorrow, Thursday, May 3 at 11AM EDT (GMT-0400) for a 30 minute sneak preview of our latest innovation, Insight for CI. Brian will show you how Insight for CI will help you: Gain visibility and control at build time in Hudson and Jenkins. Find and fix license, […]
