Why You Need a Software Bill of Materials More Than Ever

By Katie McCaskey on December 05, 2019 software bill of materials

5 minute read time

Enterprises need to know what open source components are in their software at all times. If you don't have a software bill of materials, you're already behind.

Nexus Lifecycle Now Integrates With Red Hat Clair to Secure Containers Across the SDLC

By Michelle Dufty on November 25, 2019 featured

2 minute read time

Sonatype is automating container security via an open API that makes it easy for third-party container scanners to integrate with Nexus Lifecycle - starting.

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

By Katie McCaskey on August 05, 2019 open source governance

3 minute read time

Toyota developed a vehicle production framework, still in use today, that shapes contemporary software supply chain management, too.

A Lesson in Why “Security by Press Release” is Detrimental

By Ax Sharma on November 02, 2018 vulnerabilities

4 minute read time

Last week, news broke about a 3-year-old jQuery vulnerability that was just discovered and had just been patched, sending many into a frenzy.