Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Shifting Security Left: The Innovation of DevSecOps

By Sylvia Fronczak on January 02, 2020 shift left
DevSecOps is a cultural shift that reinforces the mindset that everyone is responsible for security. Here's why this idea is so innovative and productive.
Read More...

Nexus Platform - 2019 Year in Review

By Michelle Dufty on December 30, 2019 Sonatype Nexus
We look back at features introduced in 2019 across Nexus Repository Manager and Nexus IQ Server (Lifecycle, Lifecycle Foundation, Firewall, and Auditor).
Read More...

Nexus Intelligence Insights: CVE-2018-5382 Bouncycastle Information Exposure

By Elisa Velarde on December 26, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're covering CVE-2018-5382: Information exposure in the bouncycastle component
Read More...

Continuous Delivery For All

By Derek Weeks on December 24, 2019 Continuous Delivery
Jez Humble addresses the four reasons he consistently hears why continuous delivery won't work in their organization -- and busts all the myths.
Read More...

Gartner: The Crucial Role of OSS License Compliance

Gartner's SCA recommendations include deep understanding of OSS licensing. Operating without license compliance, intentionally or not, invites peril.
Read More...

The Central Repository is Moving to HTTPS

By Terry Yanko on December 20, 2019 central maven repository
Beginning January 15, 2020 The Central Repository will no longer support communication over HTTP. We are moving to HTTPS to ensure greater security.
Read More...

New in Nexus Repository 3.20: R Format Support & More

By Brent Kostak on December 19, 2019 visual studio
The release of Nexus Repository 3.20 offers native support for R repositories. R is a language used for statistical analysis and machine learning.
Read More...

Sonatype Nexus is Rising Above the Swamp

By Matt Howard on December 16, 2019 Nexus vs. Artifactory
With Vista by our side, Sonatype's direction is clear, and Nexus is rising above JFrog Artifactory. We invite you to test the Nexus difference.
Read More...

Gartner: Mitigate Risk By Hardening the Software Supply Chain

By Katie McCaskey on December 12, 2019 Sonatype Nexus
As Gartner explains, key to mitigating open source risk, is a hardened software supply chain. But, where do you start?
Read More...