One in Six Developers in Healthcare Report Open Source Breaches | Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights:CVE-2020-13935 - Apache Tomcat Websocket - Denial of Service (DoS)

By Akshay 'Ax' Sharma on July 29, 2020 vulnerabilities
July’s Nexus Intelligence Insight takes a deep dive into a Denial of Service (DoS) vulnerability impacting the popular Apache Tomcat Websocket component.
Read More...

How to Better Navigate the World of DevSecOps with Sonatype and Saltworks Security

By Tanya Feghali on July 28, 2020 Open Source
Sonatype and Saltworks talk about how to deliver higher quality software faster while securely taking advantage of everything open source has to offer.
Read More...

New in Nexus Repository 3.25: How Do I Switch to NuGet V3?

By Brent Kostak on July 16, 2020 Nuget
Nexus Repository 3.25 is live! It provides complete support for NuGet V3 repositories, including new Group repos and gives access to the updated V3 API.
Read More...

Kubernetes Containers a Boon for Developers

By Phil Vuollet on July 15, 2020 devsecops
Kubernetes helps to automate deploying, scaling, and managing multiple containers. It is the most popular container orchestration system in use right now.
Read More...

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

By Kevin Miller on July 07, 2020 github
Pull Request line comments highlight code that introduces a policy violation. This gives developers the information needed to remediate security risks.
Read More...

Compliance as Code

By Pachi Carlson on July 06, 2020 Compliance
Compliance is a growing consideration for application security and must be managed.
Read More...

Trust and Courage are Essential to a Strong Team Culture

By Keith Sprochi on July 02, 2020 leadership
A healthy work culture is invaluable. I think that the Sonatype culture has two main ingredients: trust and courage.
Read More...

The Latest DevSecOps Podcast Playlist

By Katie McCaskey on July 01, 2020 devsecops
The latest playlist of DevSecOps podcast episodes discuss open source vulnerabilities, security, culture, and more.
Read More...

How to Upskill Your Team with Kubernetes

By Brad McCoy on June 30, 2020 devsecops
How we got everyone through the Certified Kubernetes Administrator (CKA) training and you can, too.
Read More...