Skip Navigation
Book a Demo
Book a Demo

Featured Article

Sonatype Unveils State-of-the-Art Artificial Intelligence Component Detection

By Crystal Derakhshan on February 22, 2024 Software Supply Chain

Learn how Sonatype's AI/ML Component Detection transforms software development in an AI-driven world for top security, innovation and an easily managed software supply chain.

Read More

SHARE:

Sonatype_Blog_Logo_White
Introducing AI and ML component detection
READ MORE

Sonatype Unveils State-of-the-Art Artificial Intelligence Component Detection

By Crystal Derakhshan on February 22, 2024 Software Supply Chain

3 minute read time

Learn how Sonatype's AI/ML Component Detection transforms software development in an AI-driven world for top security, innovation and an easily managed software supply chain.
Read More...
READ MORE

Why SBOMs are essential for every organization

By Aaron Linskens on February 21, 2024 Cybersecurity

6 minute read time

Explore the big role of software bills of materials (SBOMs) in enhancing cybersecurity, managing vulnerabilities, and ensuring compliance with regulations
Read More...
READ MORE

Mastering SBOMs: Demonstrations

By Keiana King on February 20, 2024 Development strategy

3 minute read time

Sonatype's webinar highlighted real-world applications of software bills of materials (SBOMs) and provided uses cases for SBOM optimization
Read More...
READ MORE

How DevOps evolved into DevSecOps: Embracing security in software development

By Aaron Linskens on February 09, 2024 devsecops

3 minute read time

Understand how DevOps and DevSecOps are crucial to optimize software development and ensure security is not an afterthought in an SDLC.
Read More...
READ MORE

Mastering SBOMs: Best practices

By Keiana King on February 06, 2024 Development strategy

2 minute read time

Check out Sonatype's recent webinar that sheds light on the importance of software bills of materials (SBOMs) in software development.
Read More...
READ MORE

Exploited Ivanti Connect SSRF vulnerability traced back to 'xmltooling' OSS library

By Ax Sharma on February 05, 2024 vulnerability

5 minute read time

It might be a little known fact that one of the high severity zero-days found in Ivanti devices is actually present in an open source component that the company has deployed in its products. Ivanti's
Read More...
READ MORE

DevSecOps maturity model: A beginner's guide

By Aaron Linskens on January 26, 2024 devsecops

6 minute read time

Explore the concept of a maturity model within the context of DevSecOps which serves as a guide to fortify security practices within software development.
Read More...
READ MORE

npm flooded with 748 packages that store movies

By Ax Sharma on January 25, 2024 vulnerabilities

4 minute read time

The Sonatype Security Research team came across 748 packages flooding the npm software registry.
Read More...
READ MORE

Fake 'distube-config' npm package drops Windows info-stealing malware

By Ax Sharma on January 24, 2024 vulnerabilities

3 minute read time

Sonatype identified two npm packages that typosquat open source packages like Discord modules, in an attempt to infect Windows users with a Trojan
Read More...