
Sonatype Blog

Nexus Intelligence Insights: CVE-2018-5382 Bouncycastle Information Exposure

By Elisa Velarde on December 26, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're covering CVE-2018-5382: information exposure in the bouncycastle component.

Part 3: The Internet of Everything: Code, Cars, and More

In part two of my blog 'A Closer Look at Today's Software Supply Chain', I discussed why human-speed supply chain management can’t keep pace with today’s agile software development practices and why


The 2014 Survey: Marked by an Industry Shock Wave

Wow! What an amazing turnout we had for our 4th annual survey: 3,353 participants this year brings us to over 11,000 participants in the four years we’ve run this survey. I would like to extend a BIG


5 Things You Need to Know About Open Source Components

You can't get away from it. Thousands of open source components are being used in every industry, every day, to quickly build and deploy applications. For those not in the security industry, it's


4 Open Source Components You Need to Update Right Now

Heartbleed has put the security community on notice: it is time to take a harder look at the security status of open source components and frameworks. After doing a little industry research on
