A demand for real consequences: Sonatype's response to CISA's Secure by Design

By Brian Fox on February 23, 2024 thought leaders

7 minute read time

Sonatype's founder and CTO Brian Fox discusses more stringent enforcement mechanisms to encourage wider adoption of secure development practices

Why SBOMs are essential for every organization

By Aaron Linskens on February 21, 2024 Cybersecurity

6 minute read time

Explore the big role of software bills of materials (SBOMs) in enhancing cybersecurity, managing vulnerabilities, and ensuring compliance with regulations

How the SEC charges against SolarWinds highlight the cybersecurity liability of software companies

By Jeff Wayman on October 31, 2023 Cybersecurity

5 minute read time

Read about how the Securities and Exchange Commission charged SolarWinds and its chief information security officer for violating federal securities laws

White House National Cybersecurity Strategy: Landmark action for a critical threat

By Brian Fox on March 02, 2023 Cybersecurity

5 minute read time

The Biden administration announced a new, historic National Cybersecurity Strategy calling for cybersecurity liability and increased investment.

Cybersecurity and beyond: Why secure procurement is a must for your organization

By Michael Griffin on December 05, 2022 thought leaders

5 minute read time

Michael Griffin discusses how cybersecurity and mature procurement go hand-in-hand, and how Sonatype helps make sure that this process is secure.

Arming the defender force and securing the software supply chain: Helping developers implement CISA best practices - Part 1

By Eric Hill on September 19, 2022 secure software supply chain

4 minute read time

Sonatype's Nexus Platform helps give DevSecOps practitioners the tools they need to help secure the software supply chain against malicious cyber attacks.

Why developers are becoming the weakest link in supply chain attacks

5 minute read time

As cyber-attacks continue to grow, threat actors have shifted their focus from endpoints and end users to the software supply chain.

Java serialisation - The gift that keeps on taking (Part 3)

By Steve Poole on July 02, 2022 Cybersecurity

7 minute read time

Part 3 of our issues with Java serialisation shares a deep dive into gadget chains and denial of service attacks.

Six Memorable Sessions With Government DevSecOp Leaders: What We Learned

By Jason Green on May 07, 2020 Cybersecurity

4 minute read time

Chris Roberts, Ron Ross, Katie Arrington, Nicolas Chaillan, and Lauren Knausenberger join Sonatype leadership to discuss security trends in the government.