How a Software Bill of Materials Uncovers Known Vulnerabilities

3 minute read time


Integrating with SonarQube

By Brian Fox on August 27, 2014 Sonatype Says

3 minute read time

Customers using CLM want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the.

Are You Choosing the "Right" Component?

4 minute read time

In our recent open source developer survey we asked, what are the TOP FOUR characteristics considered when selecting a component? And since components are.

4 Open Source Components You Need to Update Right Now

8 minute read time

Heartbleed has put the security community on notice: it is time to take a harder look at the security status of open source components and frameworks.

The Sonatype 2014 Engineering Summit

By Mark Miller on April 28, 2014 Nexus Repo Reel

1 minute read time


FinSvcs Working Group (FS-ISAC) Takes on Open Source Components

5 minute read time

Applications are becoming the primary security threat vector.

Should your devops pipeline consider component intelligence?

By Manfred Moser on October 31, 2013 Nexus Repo Reel

3 minute read time

In the Nexus Live event John Nagro and Tom McLaughlin from HubSpot detailed how they are using Nexus as a repository for their development and release.

Yes, Policies Can Actually Speed Development

By Derek Weeks on October 31, 2013 Nexus Repo Reel

5 minute read time


Using Your Repository Manager to Optimize Component Usage

By Derek Weeks on September 24, 2013 Nexus Repo Reel

1 minute read time
