A demand for real consequences: Sonatype's response to CISA's Secure by Design

By Brian Fox on February 23, 2024 thought leaders

7 minute read time

Sonatype's founder and CTO Brian Fox discusses more stringent enforcement mechanisms to encourage wider adoption of secure development practices

Sonatype unveils state-of-the-art Artificial Intelligence Component Detection

By Crystal Derakhshan on February 22, 2024 Software Supply Chain

3 minute read time

Learn how Sonatype's AI/ML Component Detection transforms software development in an AI-driven world for top security, innovation and an easily managed software supply chain.

Why SBOMs are essential for every organization

By Aaron Linskens on February 21, 2024 Cybersecurity

6 minute read time

Explore the big role of software bills of materials (SBOMs) in enhancing cybersecurity, managing vulnerabilities, and ensuring compliance with regulations

Mastering SBOMs: Demonstrations

By Keiana King on February 20, 2024 Development strategy

3 minute read time

Sonatype's webinar highlighted real-world applications of software bills of materials (SBOMs) and provided use cases for SBOM optimization

How DevOps evolved into DevSecOps: Embracing security in software development

By Aaron Linskens on February 09, 2024 devsecops

3 minute read time

Understand how DevOps and DevSecOps are crucial to optimize software development and ensure security is not an afterthought in an SDLC.

Mastering SBOMs: Best practices

By Keiana King on February 06, 2024 Development strategy

2 minute read time

Check out Sonatype's recent webinar that sheds light on the importance of software bills of materials (SBOMs) in software development.

Exploited Ivanti Connect SSRF vulnerability traced back to 'xmltooling' OSS library

By Ax Sharma on February 05, 2024 vulnerability

5 minute read time

It might be a little-known fact that one of the high-severity zero-days found in Ivanti devices is actually present in an open source component that the company has deployed in its products. Ivanti's

DevSecOps maturity model: A beginner's guide

By Aaron Linskens on January 26, 2024 devsecops

6 minute read time

Explore the concept of a maturity model within the context of DevSecOps which serves as a guide to fortify security practices within software development.

npm flooded with 748 packages that store movies

By Ax Sharma on January 25, 2024 vulnerabilities

4 minute read time

The Sonatype Security Research team came across 748 packages flooding the npm software registry.