Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

The Tipping Point: Human Speed vs. Machine Speed

By Derek Weeks on March 05, 2014 Sonatype Says

3 minute read time

What can the financial services industry learn from the U.S.
Read More...
READ MORE

Secure From the Start: Combining Open Source Policies, Practice & Tools

By Derek Weeks on February 26, 2014 CISO

3 minute read time

In short, open source security can't be an after thought.
Read More...
READ MORE

Sonatype & HP Partnership Offering a New Breed of Application Security

By Ryan Berg on February 24, 2014 Component Lifecycle Management

1 minute read time

Today Sonatype and HP announced Sonatype’s Component Lifecycle Management (CLM) analysis technology has been integrated into HP’s cloud-based software.
Read More...
READ MORE

Financial Services Organizations have Open Eyes on Open Source

3 minute read time

Financial Services Organizations have Open Eyes on Open Source
Read More...
READ MORE

AppSec / DevOps Survey: 63% Concerned with Open Source

By Derek Weeks on February 04, 2014 Application Vulnerabilities

1 minute read time

AppSec / DevOps Survey: 63% Concerned with Open Source
Read More...
READ MORE

Sonatype Nexus Security Advisory

By Brian Fox on January 16, 2014 nexus pro

5 minute read time

Sonatype Nexus Security Advisory
Read More...
READ MORE

Another Security Breach ... Just in time for the holidays.

By Ryan Berg on December 23, 2013 PCI

1 minute read time

Another Security Breach ... Just in time for the holidays.
Read More...
READ MORE

Who Really Wrote Healthcare.gov?

By Wayne Jackson on December 23, 2013 Software Supply Chain

3 minute read time

Who Really Wrote Healthcare.gov?
Read More...
READ MORE

FinSvcs Working Group (FS-ISAC) Takes on Open Source Components

5 minute read time

Applications are becoming the primary security threat vector.
Read More...