Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Success Requires Reflection on DevSecOps Failures

By DJ Schleen on August 23, 2019 DevOps Culture
There are so many books on how to succeed, but none about the major challenges and headaches that will ultimately occur when beginning a DevSecOps journey.
Read More...

Announcing GoNexus

By Joseph Stephens on August 21, 2019 Nexus Repository
GoNexus helps developers run reliable and reproducible builds. It follows our tools, Nancy, Goalie, NXRM OSS, and DepShield used in the Go community.
Read More...

Nexus Intelligence Insights: Sonatype-2018-0413, flatmap-stream's back, back again

By Elisa Velarde on August 20, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're covering Sonatype-2018-0413: a deeper dive into flatmap-stream and malicious code injection vectors in additional components
Read More...

Better, Faster, Stronger: Nexus Lifecycle's Improved JIRA Add-on Gives Developers and AppSec Something to High-Five About

By Michelle Dufty on August 14, 2019 JIRA
Nexus Lifecycle's new JIRA add-on with violation reporting eliminates the admin overhead of managing fixes. Component fixes are assigned and tracked with one-click.
Read More...

From Fast Company to Inc, Sonatype Continues Racking Up Notable Awards

By Katie McCaskey on August 14, 2019 awards
Sonatype's racking up an impressive list of awards: Inc.500, Fast Company Innovators, The Washington Post's Best Workplace, CyberTacos, and more.
Read More...

A Sort of a Homecoming - Why I Joined Sonatype

By DJ Schleen on August 08, 2019 featured
The open source and supply chain problem facing the industry is one of the major reasons why I joined Sonatype. I can make an impact evangelizing DevSecOps.
Read More...

How a Surf Loving Aussie Developed Sonatype’s Most Popular Extension

By Katie McCaskey on August 02, 2019 plugin
The origin story of the Nexus Chrome plugin, which starts with Sonatyper Cameron Townshend on the beaches of Australia. It is now used worldwide.
Read More...

Security Organizations Need to Start Thinking Like Developers

By DJ Schleen on July 30, 2019 security
Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...

Why Software Composition Analysis (SCA) Demands Precision

Software Composition Analysis: Getting to the Signal Through the Noise, by 451 Research, demonstrates Sonatype's leadership in software composition analysis.
Read More...