Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights: CVE-2014-3603 — Lack of Hostname Verification in OpenSAML

By Akshay 'Ax' Sharma on February 26, 2019 vulnerability

This month, we will be covering a component that is a little older, but probably to the surprise of many, very widely used across a variety of ecosystems.


10 years and 10,000 Hours: Lessons Learned from the FOSS/PLG Journey at Sonatype

By Matt Howard on February 20, 2019 News and Views

At Sonatype, we’ve spent the past 10 years engineering and delivering a variety of tools and services to help the global open source community accelerate


Hygiene for Open Source Software Is Now a PCI Requirement

By Matt Howard on February 19, 2019 PCI

As we said last year, the software industry is failing to protect the public from data theft and misuse; motivating government officials, associations and


26% Acknowledge a Web Application Breach in 2019

By Derek Weeks on February 12, 2019 OSS governance

**NOTE: The results of the 2019 DevSecOps Community Survey, mentioned below, are now available for download here

Early this morning news broke that 620


Enhanced Support for Python in Nexus Lifecycle

By Michelle Dufty on February 06, 2019 Nexus Lifecycle

At Sonatype, we pride ourselves on arming development and security teams with precise and actionable intelligence to build software faster, with less risk.


DevSecOps at Emerasoft: Sonatype Nexus Lifecycle and F5-Advanced WAF

By Ugo Ciracì on February 05, 2019 Nexus Lifecycle


Cybersecurity Status, 2018. Standing to the many available reports on cybercrime, 2018 has seen the "definitive" rise of cyber attacks. From Ransomware


Introducing Sonatype's Latest Release: Our Logo

By Derek Weeks on January 28, 2019 News and Views

As Sonatype’s technology and organization have rocketed forward over the years, we noticed that along the way, our i-ching logo’s design fell behind the


Nexus Intelligence Insights - CVE-2017-5662 - Cross-Site Scripting (XSS)

By Elisa Velarde on January 25, 2019 vulnerabilities

Happy New Year!

To kick off 2019 we will be covering a vulnerability that is complex in context. All developers are aware of the varieties of privilege


Dynamic Storage: Four Ways that Blob Storage Got Smarter with Nexus Repository Pro 3.15

By Andrew Taylor on January 24, 2019 Nexus Repository

For users storing their components and assets in NXRM, we added the ability to create S3 blob stores last Spring. The release of Nexus Repository 3.15 this