Skip Navigation
Back
Platform
Platform overview
Automate your software supply chain security
Sonatype Repository Firewall
Block malicious open source at the door
Sonatype Nexus Repository
Build fast with centralized components
Sonatype Lifecycle
Control open source risk across your SDLC
Sonatype SBOM Manager
Simplify SBOM compliance and monitoring
Integrations
Work in the tools, languages, and packages you already use
Solutions
Integrated Innovation
Align dev, security, and ops teams to fuel secure deployment
Developers
Deliver quality code fast
Application Security
Manage vulnerability risks
Legal & Compliance
Enforce policy at scale
By Industry
Government
Financial Services
Manufacturing
Technology
Healthcare
Pricing
Resources
Resources
Featured
DevOps Downloads Webinar Series
Featured
State of the Software Supply Chain
Blog
Webinars
Whitepapers & eBooks
Launchpad
Customer Stories
Free Tools
Sonatype Repository OSS
Sonatype Vulnerability Scanner
Sonatype OSS Index
Customer Resources
Training & Workshops
Documentation
Support
Partners
Become a Partner
Join our extensive Sonatype Partner Network
Find a Partner
Find and connect with a certified Sonatype partner
Company
About
Explore our software supply chain management story
Careers
Innovate with us—explore opportunities at Sonatype
Events
Attend in-person or virtual learning events
Newsroom
Keep up to date on Sonatype in the news
Contact
Let’s talk software supply chain
Book a Demo
Book a Demo
Book a Demo
Sonatype
READ MORE
How much should the federal government worry about Log4j?
By
Sonatype
on December 21, 2021
vulnerabilities
7 minute read time
As the world worries about Log4j exploit, we look at how the US Federal Government is responding - and how worried it should be about this vulnerability.
Read More...
READ MORE
What is a software bill of materials (SBOM)?
By
Sonatype
on September 27, 2021
software bill of materials
6 minute read time
A deep dive into a Software Bill of Materials with top use cases, benefits, and ways to manage.
Read More...
READ MORE
JavaScript scanning now supported in JetBrains IDEs: Intellij IDEA, Webstorm, and more
By
Sonatype
on July 30, 2021
Product
2 minute read time
The Sonatype Nexus platform now evaluates and analyzes Javascript/Node components directly in IntelliJ IDEA.
Read More...
READ MORE
How does securing the software supply chain fit the DoD CIO zero trust architecture?
By
Sonatype
on June 24, 2021
software bill of materials
8 minute read time
Curious how the DoD Zero Trust Architecture relates to secure development and protecting your software supply chain? We're breaking that down for you.
Read More...
READ MORE
What is dependency confusion and why does it matter in the federal sector?
By
Sonatype
on May 21, 2021
government
8 minute read time
Developers in the federal space are not immune from dependency confusion attacks.
Read More...
READ MORE
Insight Application Health Check: Scan Your Application for Security and Licensing Issues in Minutes
By
Sonatype
on July 25, 2012
Sonatype Says
2 minute read time
Insight Application Health Check: Scan Your Application for Security and Licensing Issues in Minutes
Read More...
READ MORE
Sonatype's Enterprise Development Survey
By
Sonatype
on December 20, 2010
Sonatype Says
1 minute read time
Sonatype's Enterprise Development Survey
Read More...
READ MORE
Repository Management With Nexus
By
Sonatype
on December 06, 2010
Sonatype Says
1 minute read time
Repository Management with Nexus
Read More...
Previous