Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights: CVE-2014-3603 — Lack of Hostname Verification in OpenSAML

By Akshay 'Ax' Sharma on February 26, 2019 vulnerability

This month, we will be covering a component that is a little older, but probably to the surprise of many, very widely used across a variety of ecosystems.

Read More...

10 years and 10,000 Hours: Lessons Learned from the FOSS/PLG Journey at Sonatype

By Matt Howard on February 20, 2019 News and Views

At Sonatype, we’ve spent the past 10 years engineering and delivering a variety of tools and services to help the global open source community accelerate

Read More...

Hygiene for Open Source Software Is Now a PCI Requirement

By Matt Howard on February 19, 2019 PCI

As we said last year, the software industry is failing to protect the public from data theft and misuse; motivating government officials, associations and

Read More...

26% Acknowledge a Web Application Breach in 2019

By Derek Weeks on February 12, 2019 OSS governance

**NOTE: The results of the 2019 DevSecOps Community Survey, mentioned below, are now available for download here

Early this morning news broke that 620

Read More...

Enhanced Support for Python in Nexus Lifecycle

By Michelle Dufty on February 06, 2019 Nexus Lifecycle

At Sonatype, we pride ourselves on arming development and security teams with precise and actionable intelligence to build software faster, with less risk.

Read More...

DevSecOps at Emerasoft: Sonatype Nexus Lifecycle and F5-Advanced WAF

By Ugo Ciracì on February 05, 2019 Nexus Lifecycle

 

Cybersecurity Status, 2018. Standing to the many available reports on cybercrime, 2018 has seen the "definitive" rise of cyber attacks. From Ransomware

Read More...

Introducing Sonatype's Latest Release: Our Logo

By Derek Weeks on January 28, 2019 News and Views

As Sonatype’s technology and organization have rocketed forward over the years, we noticed that along the way, our i-ching logo’s design fell behind the

Read More...

Nexus Intelligence Insights - CVE-2017-5662 - Cross-Site Scripting (XSS)

By Elisa Velarde on January 25, 2019 vulnerabilities

Happy New Year!

To kick off 2019 we will be covering a vulnerability that is complex in context. All developers are aware of the varieties of privilege

Read More...

Dynamic Storage: Four Ways that Blob Storage Got Smarter with Nexus Repository Pro 3.15

By Andrew Taylor on January 24, 2019 Nexus Repository

For users storing their components and assets in NXRM, we added the ability to create S3 blob stores last Spring. The release of Nexus Repository 3.15 this

Read More...