Featured Article
Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day
Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day
3 minute read time
Discover ten open source packages affected by the HTTP/2 Rapid Reset vulnerability, disclosed by Cloudflare this week
Read More...
Introducing our 9th annual State of the Software Supply Chain report
5 minute read time
Sonatype announces the arrival of our 9th annual State of the Software Supply Chain report that explores open source security, industry trends, and more.
Read More...
Unlocking the power of generative AI in software development: Insights from Sonatype's survey
4 minute read time
Explore the influence of generative AI in software development via the results of Sonatype's recent survey involving 400 DevOps and 400 SecOps leaders
Read More...
npm manifest confusion – what is it and do you really need to worry about it?
Read More...
Sonatype's malicious open source and malware detection systems found hundreds of malicious PyPI packages.
Read More...
The Sonatype platform named a Leader in the 2023 Forrester Wave for SCA.
Read More...
Sonatype named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing
4 minute read time
Sonatype is named to the 2023 Gartner Magic Quadrant for Application Security Testing (AST).
Read More...
Can the open source community save Europe from the Cyber Resilience Act?
7 minute read time
Examine the open source community's response to the EU Cyber Resilience Act, and its potential consequences for the future of innovation & collaboration.
Read More...
Explore a refreshed Sonatype Platform: New features, new product names
4 minute read time
Sonatype has new capabilities, improved security, and brand new product names. Learn more about the revamped Sonatype Platform.
Read More...