One in Six Developers in Healthcare Report Open Source Breaches | Press Release

Sonatype Blog

GDPR Gets Teeth: British Airways and Marriott Fined

By Ilkka Turunen on July 09, 2019 devsecops
Fines levied at British Airways and Marriott International under GDPR show why data protection must be a central part of the software supply chain.

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 software bill of materials
On the 12th of December, the Subcommittee on Oversight and Investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.

3 steps to deal with the aftermath of the highjacked eslint-scope package

By Ilkka Turunen on July 13, 2018 npm
Yesterday at noon BST a new GitHub issue was opened in the popular eslint repository on GitHub. Someone had hijacked this package, which stole users' credentials. Here's how to react to the

CVE-2017-17461 - Vulnerable or Not?

By Ilkka Turunen on May 31, 2018 security research
Security research team finds a vulnerability dismissed by others.

Nexus Lifecycle: Using REST API to identify where newly vulnerable components reside across your application portfolio

By Ilkka Turunen on February 19, 2018 Application Security
Using the REST API from Nexus Lifecycle to identify new vulnerable components across your application portfolio.

Struts2 Breach at Equifax was 100% Preventable. Here's how.

By Ilkka Turunen on September 20, 2017 Nexus Lifecycle
The breach at Equifax is a siren call for organizations to approach the problem of managing open source software by using automated technology.