Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Developers, Say Goodbye to Vulnerabilities. Squash Those Bugs!

By Katie McCaskey on June 12, 2019 Nexus Lifecycle
Sonatypers Jerome Gergel and Melanie Latin offer developers a set of four best practices once violations are identified in your software.
Read More...

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain
Containers and automated tools create new opportunities for software supply chains and opensource governance as well as system security. DevSecOps, application and system security are all visible in
Read More...

Real World Experiences: Blackboard

As part of a new series we're calling 'Real World Experiences' we'll be highlighting how Sonatype customers are benefiting from greater development efficiency, higher productivity levels, faster time

Read More...

Who is Nigel Simpson? (Lessons of Open Source Governance)

By Derek Weeks on October 28, 2014 Sonatype Says
Who is Nigel Simpson? (Lessons of Open Source Governance)
Read More...

Bash 2014 - This Is Not a Party

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and

Read More...

What Happened Sept 16th?

We led an invasion last week armed with a flying drone, glowing lightsabers, and the latest knowledge on open source security vulnerabilities. Our mission? Lead, share, educate, moderate, and have

Read More...

Never a More Interesting Time

“It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity, it was the season of Light,

Read More...

Two AppSec Questions Always Asked

While Repository Health Checks are valuable, we just released something even better: the CLM 1.11 Dashboard. First of all, it helps you answer the first two critical open source vulnerability

Read More...

Trusting Third-Party Code That Can't Be Trusted

Paul Roberts (@paulfroberts) at InfoWorld recently shared his perspective on “5 big security mistakes coders make”. First on his list was trusting third-party code that can’t be trusted. Paul shares:

Read More...