Featured Article

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

White House National Cybersecurity Strategy: Landmark Action for a Critical Threat

By Brian Fox on March 02, 2023 Cybersecurity

5 minute read time

The Biden administration announced a new, historic National Cybersecurity Strategy calling for cybersecurity liability and increased investment.

Read More...

Cybersecurity and Beyond: Why Secure Procurement is a Must for Your Organization

By Michael Griffin on December 05, 2022 thought leaders

5 minute read time

Michael Griffin discusses how cybersecurity and mature procurement go hand-in-hand, and how Sonatype helps make sure that this process is secure.

Read More...

Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices - Part 1

By Eric Hill on September 19, 2022 Nexus Lifecycle

4 minute read time

Sonatype's Nexus Platform helps give DevSecOps practitioners the tools they need to help secure the software supply chain against malicious cyber attacks.

Read More...

Why Developers are Becoming the Weakest Link in Supply Chain Attacks

By Hernán Ortiz on August 29, 2022 secure software supply chain

5 minute read time

As cyber-attacks continue to grow, threat actors have shifted their focus from endpoints and end users to the software supply chain.

Read More...

Java Serialisation - The Gift That Keeps on Taking (Part 3)

By Steve Poole on July 02, 2022 Cybersecurity

7 minute read time

Part 3 of our issues with Java serialisation shares a deep dive into gadget chains and denial of service attacks.

Read More...

Six Memorable Sessions With Government DevSecOp Leaders: What We Learned

By Jason Green on May 07, 2020 Cybersecurity

4 minute read time

Chris Roberts, Ron Ross, Katie Arrington, Nicolas Chaillan, and Lauren Knausenberger join Sonatype leadership to discuss security trends in the government.

Read More...

Top 6 Reasons the Time is Now for DevSecOps in the Federal Government

By Jason Green on March 25, 2020 Cybersecurity

2 minute read time

By playing better offense at the beginning of the digital supply chain, federal agencies can better protect themselves and the American citizenry.

Read More...

The Trump White House Takes Aim at Cybersecurity

By Derek Weeks on May 12, 2017 software bill of materials

5 minute read time

The Trump White House Takes Aim at Cybersecurity. Introduces Executive Order: STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE.

Read More...

Screen Shot 2017-05-01 at 10.14.24 AM.png

Container Considerations on Your DevOps Journey

By Derek Weeks on May 02, 2017 Red Hat

4 minute read time

Container Considerations on Your DevOps Journey. A review of Chris Morgan's keynote session from All Day DevOps.

Read More...

New Design, New Features: Maven Central Improvements for Developers

White House National Cybersecurity Strategy: Landmark Action for a Critical Threat

Cybersecurity and Beyond: Why Secure Procurement is a Must for Your Organization

Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices - Part 1

Why Developers are Becoming the Weakest Link in Supply Chain Attacks

Java Serialisation - The Gift That Keeps on Taking (Part 3)

Six Memorable Sessions With Government DevSecOp Leaders: What We Learned

Top 6 Reasons the Time is Now for DevSecOps in the Federal Government

The Trump White House Takes Aim at Cybersecurity

Container Considerations on Your DevOps Journey

Secure your software supply chain

Subscribe for all the latest software security news and events