Featured Article
Sonatype removed 3 malicious open-source Java components from Maven Central targeting popular software releases, stopping a software supply chain attack.
In part two of my blog 'A Closer Look at Today's Software Supply Chain', I discussed why human-speed supply chain management can’t keep pace with today’s agile software development practices and why
Wow! What an amazing turnout we had for our 4th annual survey: 3,353 participants this year brings us to over 11,000 participants in the four years we’ve run this survey. I would like to extend a BIG
You can't get away from it. Thousands of open source components are being used in every industry, every day, to quickly build and deploy applications. For those not in the security industry, it's
Heartbleed has put the security community on notice: it is time to take a harder look at the security status of open source components and frameworks. After doing a little industry research on
Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia
London Office - 168 Shoreditch High Street, E1 6HU London
Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.