Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Elisa Velarde

Elisa is a Senior Product Marketing Manager at Sonatype. She brings over 10 years of experience in sourcing, mentoring, and leading Marketing or full Agile product teams while maintaining a collaborative, cross-departmental approach to support company goals.

Corrupting the Software Supply Chain: Lessons from the Bootstrap-sass Hack

By Elisa Velarde on April 09, 2019 vulnerability
The boldness of bad actors is escalating in the world of open source software. From the event-stream / NPM incident in November of 2018, to the recent bootstrap-sass / Ruby Gems hack, bad actors are
Read More...

Nexus Intelligence Insights: CVE-2014-3483 - SQL Injection in PostgreSQL adapter for Active Record against 'range' data type

By Elisa Velarde on March 29, 2019 vulnerability
In this month's Nexus Intelligence Insights we discuss an older component that is used by millions of developers. Say hello to CVE-2014-3483, a SQL injection vulnerability.
Read More...

Nexus Intelligence Insights - CVE-2017-5662 - Cross-Site Scripting (XSS)

By Elisa Velarde on January 25, 2019 vulnerabilities
Nexus Intelligence Insights - CVE-2017-5662 - Cross-Site Scripting (XSS)
Read More...

Nexus Intelligence Insights - CVE-2018-10237- Guava Vulnerability

By Elisa Velarde on November 12, 2018 vulnerabilities
Welcome back to Nexus Intelligence Insights
Read More...

Introducing Nexus Intelligence Insights

By Elisa Velarde on October 12, 2018 vulnerabilities
Nexus Intelligence Insights
Read More...